Want to run roadrecon, but a device compliance policy is getting in your way? You can use the Intune Company Portal client ID, which is a hardcoded and undocumented exclusion in CA for device compliance. It has user_impersonation rights on the AAD Graph 😃
12.12.2024 16:00 — 👍 45 🔁 20 💬 3 📌 1
Following my prev tweet, my Kerberos MITM relay/forwarder is almost finished! It targets for example insecure DNS updates in AD, allowing DNS name forgery. It intercepts, relays, and forwards traffic, with the client unaware. Currently supporting smb->smb and smb->http (adcs)
20.11.2024 11:21 — 👍 36 🔁 14 💬 1 📌 0solid labs and great community 😁
20.11.2024 00:27 — 👍 3 🔁 0 💬 0 📌 0