AAD Kill chain

imageMapResize(); Introduction According to Verizon’s Data Breach Investigations Report 2020, externals attackers are considerable more common than internal attackers. In the cloud era, attacking the organisation from the outside is much more difficult, if not impossible. Therefore, to be able to access organisation’s data, one must gain some level of legitimate access to the organisation. The Azure AD and Microsoft 365 kill chain is a collection of recon techniques and hacking tools I’ve discovered and built during the last 10+ years while working with Microsoft cloud services.
Just looking: Azure Active Directory reconnaissance as an outsider

Just looking: Azure Active Directory reconnaissance as an outsider

This post is part 15 of Azure AD and Microsoft 365 kill chain blog series.

Azure AD and Office 365 are cloud services and most information is available only to the members (or guests) of the tenant. However, there are plenty of information publicly available to anyone.

In this blog, using AADInternals v0.4.0, I’ll show how to gather information of any Azure AD tenant as an outsider.