1/3
New video! In this video we walk through the first Azure attack workshop by
youtu.be/D5gYhr6J830
We cover:
- Resetting app credentials and logging in as the service principal
- Listing Azure key vaults, listing secrets and showing secret values
Conversation
Replying to
2/3
- Bypassing Conditional Access policy
- Retrieving credentials in clear text from Azure automation account
- Accessing the database and reading PIIs
1
3
9
3/3
Want to learn more about abusing #Azure and #ActiveDirectory ? Join us at the upcoming Black hat training
Riyadh (Arabic training): blackhatmea.com/trainings-list
London: blackhat.com/eu-22/training
6
13



