Top Tweets for #BreachingAzureLab
You can use tools such as #Microburst or #CloudScraper to enumerate and brute force #Azure Storages and containers. If found, try:
#CloudSecurity #CloudBreach #BreachingAzureLab #RedTeam #AzureSecurity

Have you found #AzureAD App (SPN) Client ID and Client Secret during #RedTeam or #Pentest ? Try to authenticate using the following command. #CloudSecurity #CloudBreach #BreachingAzureLab #Azure #AzureSecurity

On a compromised App Service, if managed Identity is assigned make sure to generate Key Vault access token as well. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab #Azure

Use tools such as #Evilginx2 or #Modlishka to perform phishing attacks. Both tools acts as a reverse proxy & can be used to bypass 2FA. Also, you can gather cleartext credentials along with session cookies (e.g O365) #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab #Azure
On a compromised App Service make sure to check if managed Identity is assigned by executing "env" command. If IDENTITY_ENDPOINT vars exists, generate the relevant access tokens. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab #Azure

Did you know that with a Contributor Role on an App Service you are able to read FTPS credentials ? Deployment -> Deployment Center -> FTPS credentials. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab #Azure
Bypass Copy/Paste #CASB (Microsoft Defender for Cloud Apps) Conditional Access Policy using browser inspect elements. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab #Azure
Once you get hold of a valid set of credentials you can use MFASweep by @dafthack to check whether MFA is enabled against the target user. Please be aware that multiple login attempts may log out the victim account #RedTeam #CloudSecurity #CloudBreach #Azure #BreachingAzureLab

Use tool such as #AADInternals developed by @DrAzureAD to perform #Azure Internal Reconnaissance, Enumeration, etc. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab

Discover an organization's #Azure Tenant ID by replacing the (DOMAIN) with the organization domain. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab

Use tool such as TokenTactics - https://t.co/oe2TzuIdPn developed by @424f424f and @0xBoku to perform device code phishing attack. #RedTeam #CloudSecurity #CloudBreach #BreachingAzureLab #Azure

Join the @Cloud_Breach Twitter community to discuss the latest news and tooling on Azure Pentesting, Cloud Security Assessments and the industry Best Practices. #BreachingAzureLab #Azure #CloudSecurity #CloudBreach #RedTeam #BlueTeam https://t.co/ivpTTuPhJk
On a compromised device make sure to check for the existence of the hidden folder "C:\Users\user\.kube\config" or "~/.kube/config". If exists, try: 'kubectl describe pods' #BreachingAzureLab #CloudBreach #RedTeam #Azure #K8s #AKS #Kubernetes
On a compromised #AzureAD Hybrid/Joined Device make sure to check for the existence of the hidden folder "C:\Users\user\.azure". If exists, try: 'az account show' #BreachingAzureLab #CloudBreach #RedTeam #Azure
On a compromised #Azure VM make sure to navigate to "C:\Packages\Plugins" directory for useful/sensitive information such as custom scripts. #BreachingAzureLab #CloudBreach #RedTeam
Use AD Conditional Access to Enforce #AzureAD MFA across all users of the organization. #BreachingAzureLab #CloudBreach #Azure #BleuTeam
Apply the following Conditional Access to mitigate device code phishing attacks: All User & Apps, Any Location - Exclude: TrustedIPs, All device state - Exclude: Device Hybrid #AzureAD. #BreachingAzureLab #CloudBreach #Azure #BleuTeam
Use tools such as #KICS and #Checkov to identify vulnerabilities, misconfigurations in your Infrastructure as Code solution. #IaC #DevOps #RedTeam #BreachingAzureLab #CloudBreach #BlueTeam #DevSecOps
Disable “Users can register applications” from your #AzureAD in order to prevent non-admin users to register custom-developed applications. #BreachingAzureLab #Azure #CloudSecurity #CloudBreach #BlueTeam
Often Azure Conditional Access policies restrict access to specific device platforms. Try different user-agents to bypass them, such as "Linux (Mozilla/5.0 (X11; Linux i686; rv:10.0) Gecko/20100101 Firefox/33.0)". #BreachingAzureLab #Azure #CloudSecurity #CloudBreach #RedTeam
Last Seen Hashtags on Sotwe
Most Popular Users

Elon Musk 
@elonmusk
240.7M followers

Barack Obama 
@barackobama
119.2M followers

Donald J. Trump 
@realdonaldtrump
111.7M followers

Cristiano Ronaldo 
@cristiano
110.9M followers

Narendra Modi 
@narendramodi
107M followers

Rihanna 
@rihanna
97.7M followers

NASA 
@nasa
92.2M followers

Justin Bieber 
@justinbieber
91M followers

KATY PERRY 
@katyperry
87.8M followers

Taylor Swift 
@taylorswift13
81.7M followers

Lady Gaga 
@ladygaga
73.2M followers

Virat Kohli 
@imvkohli
70.2M followers

Kim Kardashian 
@kimkardashian
69.9M followers

YouTube 
@youtube
68.7M followers

Bill Gates 
@billgates
64M followers

Neymar Jr 
@neymarjr
63M followers

The Ellen Show
@theellenshow
62.4M followers

CNN 
@cnn
61.9M followers

Selena Gomez 
@selenagomez
60.9M followers

X 
@x
60.8M followers
