Control Tower Pivoting Using the Default Role

Introduction: The cloud security landscape for AWS has continued to evolve each year to become a complex set of products and best practices with the goal of maintaining a mature security posture. AWS Organizations was released in 2017[1] and has been a major solution to aid in managing the multi-account AWS environment that the cloud…

The post Control Tower Pivoting Using the Default Role appeared first on TrustedSec.

OneDrive to Enum Them All

THIS POST WAS WRITTEN BY @NYXGEEK. Greetings fellow hackers, today we’ll be diving into the topic of user enumeration via OneDrive. I wrote a blog post on this topic a few years back when I first identified the technique. Since then, I’ve learned more about it, and the onedrive_enum.py tool has been updated and is more…

The post OneDrive to Enum Them All appeared first on TrustedSec.

Better Hacking Through Cracking: Know Your Rules

THIS POST WAS WRITTEN BY @NYXGEEK. Intro: Password recovery tool hashcat ships with a bunch of great rules, but have you actually looked at them? Being familiar with the built-in rules can help enhance your cracking capabilities and enable you to choose the right rule or rule combination. So where are these rules anyways?…

The post Better Hacking Through Cracking: Know Your Rules appeared first on TrustedSec.

Hacking Your Cloud: Tokens Edition 2.0

Office and Microsoft 365 tokens can add some interesting dynamics to Azure and Microsoft 365 services penetration testing. There are a few different ways of getting JWT tokens, but one (1) of the primary ways is through phishing. In this blog, we are going to explore strategies on gaining maximum efficiency with Office tokens, different…

The post Hacking Your Cloud: Tokens Edition 2.0 appeared first on TrustedSec.

Top 5 Things That Will Land an Attacker in the Azure Cloud

1. Misconfigured Cloud Infrastructure: What type of misconfigurations can exist in a cloud infrastructure? Vulnerable front-facing webservers, unpatched appliances, and storage accounts allowing anonymous public access are just a few examples of common infrastructure misconfigurations in cloud environments. How can these services translate into an attacker gaining access to my cloud? Storage accounts can hold…

The post Top 5 Things That Will Land an Attacker in the Azure Cloud appeared first on TrustedSec.

Azure AD Kerberos Tickets: Pivoting to the Cloud

If you’ve ever been doing an Internal Penetration test where you’ve reached Domain Admin status and you have a cloud presence, your entire Azure cloud can still be compromised. In this blog, I’ll take you through this scenario and show you the dangers of machine account SSO compromise. We will do so without extracting any…

The post Azure AD Kerberos Tickets: Pivoting to the Cloud appeared first on TrustedSec.

Common Conditional Access Misconfigurations and Bypasses in Azure

Conditional Access is widely used in Azure to prevent unauthorized access. When it works, it can shut down attacks, even if the user’s password is known. However, it doesn’t always work as intended. For this blog post I wanted to provide an in-depth look at common Conditional Access configurations in Azure, along with potential bypasses….

The post Common Conditional Access Misconfigurations and Bypasses in Azure appeared first on TrustedSec.
