Published inPosts By SpecterOps Team MembersIntune Attack Paths — Part 1Intune is an attractive system for adversaries to target…5d ago5d ago
Published inPosts By SpecterOps Team MembersAzure Key Vault Tradecraft with BARKThis post details the existing and new functions in BARK that support Azure Key Vault tradecraft researchNov 20, 2024Nov 20, 2024
Published inPosts By SpecterOps Team MembersBrowserless Entra Device Code FlowDid you know that it is possible to perform every step in Entra’s OAuth 2.0 Device Code flow — including the user authentication steps —…Mar 6, 2024Mar 6, 2024
Published inPosts By SpecterOps Team MembersThe Most Dangerous Entra Role You’ve (Probably) Never Heard OfEntra ID has a built-in role called “Partner Tier2 Support” that enables escalation to Global Admin, but this role is hidden from view in…Feb 16, 2024Feb 16, 2024
Published inPosts By SpecterOps Team MembersDirectory.ReadWrite.All Is Not As Powerful As You Might ThinkDirectory.ReadWrite.All is an MS Graph permission that is frequently cited as granting high amounts of privilege, even being equated to the…Feb 12, 2024Feb 12, 2024
Published inPosts By SpecterOps Team MembersMicrosoft Breach — What Happened? What Should Azure Admins Do?On January 25, 2024, Microsoft published a blog post that detailed their recent breach at the hands of “Midnight Blizzard”. In this blog…Feb 2, 20244Feb 2, 20244
Published inPosts By SpecterOps Team MembersBloodHound Community Edition: A New EraI’m proud to announce the availability of BloodHound Community Edition (BloodHound CE)!Aug 8, 2023Aug 8, 2023
Published inPosts By SpecterOps Team MembersFrom DA to EA with ESC5There’s a new, practical way to escalate from Domain Admin to Enterprise Admin.May 16, 2023May 16, 2023
Published inPosts By SpecterOps Team MembersIntroducing BloodHound 4.3 — Get Global Admin More OftenDiscover new attack paths traversing Microsoft Graph and seven new Azure Resource Manager objects.Apr 18, 2023Apr 18, 2023
Published inPosts By SpecterOps Team MembersAbusing Azure App Service Managed Identity AssignmentsIntroFeb 15, 2023Feb 15, 2023