Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Attack Scenarios Abusing Azure Active Directory

Hack In The Box Security Conference via YouTube

Overview

Explore attack scenarios exploiting Azure Active Directory in this comprehensive conference talk from HITB Cybersecurity Week 2021. Delve into the integration of Azure IaaS services and Office 365 products, examining how centralized permissions and roles can be exploited. Learn about core Azure AD concepts, including users, groups, role definitions, assignments, applications, and service principals. Discover various privilege escalation techniques that grant attackers access to sensitive information, Azure IaaS services, and Office 365. Gain insights into attacks that can lead to full control over Azure AD tenants and IaaS services. Conclude with mitigation recommendations and best practices for securing Azure AD, equipping you with essential knowledge to protect your organization's cloud infrastructure.

Syllabus

Intro
Resources
Resource Group
Management Groups
Architecture Example
Azure Resource Manager Role Based Access Control (RBAC)
Azure Active Directory (AAD) Fundamentals
Application API Access
Applications & Service Principals Authentication
Azure Active Directory Roles
Gaining Foothold - AD Connect Abuse
Internal Reconnaissance Phase
Azure Active Directory Role Assignment Enumeration
Azure Application Registration Graph App Roles Permissions
Attack Scenarios
Azure Command Line Tools
From Azure Active Directory to the Resource Manager
User Updates Application Secret
from Resource Manager to Azure Active Directory
Azure Function App - Architecture
List Function App Host Keys
OneDrive App Registration App Roles Permission
From one on-prem Machine to Another on- prem Machine
Prerequisites
Azure Tokens
Reset Application Password
Enumerating the Intune Application Permissions
Intune App graph app role permissions
Intune Script Creation
Assign Intune Script to a Group
Best Practice - Logs Logs Logs
Least Privilege Concept
Azure Resource Manager RBAC Permissions - Least Privilege
Privileged Identity Management - PIM
Azure Active Directory Identity Protection
Conditional Access
XMGoat - Compromise the Subscription

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Attack Scenarios Abusing Azure Active Directory

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.