0xcsandker's Avatar

0xcsandker

@0xcsandker.bsky.social

Security enthusiast, likes Windows internals, AD & Azure. Blogging at: https://csandker.io

97 Followers  |  108 Following  |  1 Posts  |  Joined: 14.11.2024  |  1.4965

Latest posts by 0xcsandker.bsky.social on Bluesky

Post image

Hello token friends, do you use the content of the access token as part of your application. Then be aware that Microsoft will switch to encrypted access token and this might break stuff.

Switch to id token. #EntraID

https://devblogs.microsoft.com/identity/access-tokens-and-id-tokens/

21.01.2025 18:30 β€” πŸ‘ 16    πŸ” 11    πŸ’¬ 2    πŸ“Œ 1
Post image

Do you know the Azure IP Ranges site by @derdanu.bsky.social ?

It's a great tool to filter IP ranges by service and even download them in different formats.

https://azureipranges.azurewebsites.net/

04.12.2024 18:24 β€” πŸ‘ 19    πŸ” 5    πŸ’¬ 2    πŸ“Œ 0
Post image Post image

Had not see this before. What could go wrong if you allow any user to create mailboxes with nearly arbitrary name ?!

Seen via @jangeisbauer.bsky.social, thanks for sharing!

References
- www.linkedin.com/posts/jangei...
- www.cyberis.com/article/micr...
- jeffreyt.nl/2024/taking-...

05.12.2024 10:48 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

I'm glad to release the tool I have been working hard on the last month: #KrbRelayEx
A Kerberos relay & forwarder for MiTM attacks!
>Relays Kerberos AP-REQ tickets
>Manages multiple SMB consoles
>Works on Win& Linux with .NET 8.0
>...
GitHub: github.com/decoder-it/K...

25.11.2024 17:31 β€” πŸ‘ 63    πŸ” 43    πŸ’¬ 3    πŸ“Œ 0

@0xcsandker is following 20 prominent accounts