Andy RobbinsinPosts By SpecterOps Team MembersBrowserless Entra Device Code FlowDid you know that it is possible to perform every step in Entra’s OAuth 2.0 Device Code flow — including the user authentication steps —…6 min read·Mar 6, 2024----
Andy RobbinsinPosts By SpecterOps Team MembersThe Most Dangerous Entra Role You’ve (Probably) Never Heard OfEntra ID has a built-in role called “Partner Tier2 Support” that enables escalation to Global Admin, but this role is hidden from view in…6 min read·Feb 16, 2024----
Andy RobbinsinPosts By SpecterOps Team MembersDirectory.ReadWrite.All Is Not As Powerful As You Might ThinkDirectory.ReadWrite.All is an MS Graph permission that is frequently cited as granting high amounts of privilege, even being equated to the…9 min read·Feb 12, 2024----
Andy RobbinsinPosts By SpecterOps Team MembersMicrosoft Breach — What Happened? What Should Azure Admins Do?On January 25, 2024, Microsoft published a blog post that detailed their recent breach at the hands of “Midnight Blizzard”. In this blog…11 min read·Feb 2, 2024--5--5
Andy RobbinsinPosts By SpecterOps Team MembersBloodHound Community Edition: A New EraI’m proud to announce the availability of BloodHound Community Edition (BloodHound CE)!5 min read·Aug 8, 2023----
Andy RobbinsinPosts By SpecterOps Team MembersFrom DA to EA with ESC5There’s a new, practical way to escalate from Domain Admin to Enterprise Admin.9 min read·May 16, 2023----
Andy RobbinsinPosts By SpecterOps Team MembersIntroducing BloodHound 4.3 — Get Global Admin More OftenDiscover new attack paths traversing Microsoft Graph and seven new Azure Resource Manager objects.11 min read·Apr 18, 2023----
Andy RobbinsinPosts By SpecterOps Team MembersAbusing Azure App Service Managed Identity AssignmentsIntro10 min read·Feb 15, 2023----
Andy RobbinsinPosts By SpecterOps Team MembersPasswordless Persistence and Privilege Escalation in AzureAdversaries are always looking for stealthy means of maintaining long-term and stealthy persistence and privilege in a target environment…13 min read·Dec 21, 2022----
Andy RobbinsinPosts By SpecterOps Team MembersAutomating Azure Abuse Research — Part 2In Part 1 of this series, we looked at how to port functionality from the Azure GUI to PowerShell. Specifically, we looked at how to…8 min read·Aug 31, 2022----