Continuous Testing
This was a fun one to dig into.
Ever wonder how Azure Easy Auth really works, and how to break it?
Turns out it's pretty easy, and it may be abusable for priv esc and lateral movement:
dazesecurity.io/blog/abusing...
26.05.2025 10:32 β π 0 π 0 π¬ 0 π 0
Looking forward to posting this one. I'm guessing it's another "by design", In which case all you Azure Security folks should stay tuned
27.11.2024 20:11 β π 1 π 0 π¬ 0 π 0
Corrected link: codyburkard.com/blog/abusing... π
25.11.2024 10:20 β π 2 π 0 π¬ 0 π 0
Are you an Azure Pentester looking for new lateral movement techniques?
Take a look at my blog post about abusing Data Factory to steal secrets and tokens.
Thanks @karimscloud.bsky.social for the inspiration to look into this.
codyburkard.com/abusingselfh...
25.11.2024 09:17 β π 9 π 3 π¬ 1 π 0
Rainy Days Security Blog
Hello BlueSky World :)
I am an Azure Security researcher living in Norway. I research attack techniques against Entra, Azure, and applications built in Azure.
You can find my blog at codyburkard.com
22.11.2024 18:45 β π 3 π 0 π¬ 0 π 0
Security researcher.
I have a blog: https://sapirxfed.com
Security Researcher and Technical Director of Offensive Security at @6degreesgroup | Red Team | Penetration Testing | Reversing | DFIR | Views are my own.
π Microsoft MVP Security
π·ββοΈ Security Architect/Engineer
writer of mediocre code π»
blog: https://infernux.no
github: https://github.com/lnfernux
#Microsoft #Security #MVP #CTF
π’ Senior Cloud Solution Architect at Microsoft
ποΈ Former Microsoft MVP (Azure & Security)
βοΈ Blog: https://www.azureviking.com
π Linktree: https://linktr.ee/haflidif
Entra nerd currently @ #Semperis. Parent. Partner. MS Security MVP. Views are those of my cat.
Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | Microsoft MVP | @TribeOfHackers | πinfosec.exchange@nathanmcnulty
#Microsoft MVP | #CloudSecurity Architect βοΈ | #Entra #AzureAD π + #AzureSecurity π‘οΈ | #CommunityRocks | #Schaengel
#Security #Azure #EntraID #XDR #MDE #Identity #M365 #AD #PKI #KQL
Microsoft MVP
Tweets and opinions are my own
Principal Security Architect & Partner at http://o3c.no, CloudSec Researcher, Microsoft Security MVP, CSA Norway Board Member
Hacker at outsidersecurity.nl. Researches Entra ID, AD and occasionally Windows security. I write open source security tools and do blogs/talks to educate others on these topics. Blog: dirkjanm.io
VP of Research - @netspi
Co-author of βPenetration Testing Azure for Ethical Hackersβ (http://amzn.to/3GOvW3A).
@kfosaaen on most other platforms
Cloud and container security β’ Security research and open source at Datadog
π¨ππ«π·
https://christophetd.fr
Principal Identity Security Researcher @Microsoft. Ex-Secureworks (PhD, MSc, MEng, CITP, CCSK).
And yes, opinions are my own ;)
content dev and researcher @offsectraining | r&d @OutflankNL | π₯
www.uf0.org
Product Manager @microsoft | Creator of bluesky.ms β’ cmd.ms β’ idPowerToys.merill.net β’ Graph X-Ray β’ π¦πΊ β’ π±π° β’ Posts my own
http://youtube.com/@merillx
Sign up to my newsletter https://entra.news
official Bluesky account (check usernameπ)
Bugs, feature requests, feedback: support@bsky.app
