So, I’ve been playing a lot lately with azure and logic apps. I thought it would be cool to detect O365 breach in as much as less time possible. Let’s go ahead and do that, before jumping in following is prerequisites. Prerequisites: Enable Azure log analytics workspace, pump O365 logs
Recently, ive came across one task to create PowerShell script which does the following actions check and install if Hyper-V role is missing Check and install if WSL is missing Check and add the local user account to Hyper-v Admin group so they can use Hyper-v without admin privileges. Following
what are the odds of gaining initial access and doing some reconnaissance using PowerShell? sounds interesting right? lets test this out. powershell empire project is just simply superb resource if you want to dig into it more. Download link: https://github.com/PowerShellMafia/PowerSploit/ Download from Github and drop the folder into the modules
Get rid of those bad passwords in your organisation, if you can crack them so as an attacker. There is a lot of debate on how much this feature can really help. To see its benefits give it a go and see how many bad passwords lurking in your organisation.
Azure-AD has this fantastic feature for cloud accounts called bad passwords. It works by calculating the score while users changing their passwords. Microsoft now extended this feature to on-prem as well. it comes with its own advantages and disadvantages as well. How does it work? Azure administrator creates password policy,