Notes From The Field: Exploiting Nagios XI SQL Injection (CVE-2023–40931)This CVE affects Nagios XI 5.11.0 and 5.11.1. It does require authenticated access into the Nagios environment.Jul 4, 20241Jul 4, 20241
Introduction to Azure Cloud Token Theft MindMap V1Recently I’ve uploaded a Mind Map to my Azure Red Team repository on Token theft decisioning during authorized penetration test or red team…Jun 12, 20241Jun 12, 20241
Evading Token Protection For EntraID/M365 (2024 Edition)The topic of using token protection has cropped up on my timeline again recently, so I thought it was necessary to do an updated post on…May 27, 2024May 27, 2024
Updated: Adversary Simulation using Azure CLI and Microsoft Graph PowerShellAt one point last year prior to things like GraphRunner coming out, operations to interact with Microsoft Graph PowerShell was a common…Feb 15, 2024Feb 15, 2024
Active Authentication Administrators in AzureI had this question come up again recently. What are “Active Authentication Administrators” and why are they showing up under regular…Feb 1, 20241Feb 1, 20241
Hacking Active Directory with Sliver C2This box (Access) is well known (or atleast should be) in Offsec Proving grounds. I decided to revisit this active directory box as a…Jul 16, 20231Jul 16, 20231
