AzureAD objects enumeration

You can enumerate Azure AD objects using Microsoft Graph: https://dirkjanm.io/introducing-roadtools-and-roadrecon-azure-ad-exploration-framework/ BECS and beyond: Investigating and Defending Office 365 (Mandiant, APT TTP and associated logs) You cant’ hide things in AAD (Delta subscriptions for non priv users) Consent grant attack mitigationGood list of mitigation techniques I’m In Your Cloud from Dirk-jan Mollema Microsoft Graph ExplorerHow toContinue reading “AzureAD objects enumeration”

Microsoft Graph / Graph API

Introduction: The Microsoft Graph APIs exposes RESTful services. This makes it very flexible because REST is compatible with almost any modern platform programming languages. The exchange format is essentially in JSON and it can be encapsulated into the HTTPS transport security. The central point of Microsoft Graph is the concept of User, the authentication andContinue reading “Microsoft Graph / Graph API”