by Ric | Jun 3, 2021 | Azure tools, Blog, Cloud
Hi, I just got confirmation that i passed my exam 🙂 I think this one is by far my favorite Course/Exam of Pentester Academy. I will divide my review in two parts. First the course: Attacking and Defending Azure AD Cloud: Beginner’s Edition and then the exam:...
by Ric | Apr 18, 2021 | Azure tools, Blog, Cloud, Herramientas / tools
365-Stealer is the tool written in python3 which steals data from victims office365 by using access_token which we get by phishing. It steals outlook mails, attachments, oneDrive files, OneNote notes and injects macros. You can find the tool here...
by Ric | Apr 11, 2021 | Azure tools, Blog, Cloud
La ventaja y el problema de cloud es que expone componentes de infaestructura que antes no estaban expuestos. Un ejemplo de esto son usuarios de AD. Ahora con Azure AD casi cualquier persona puede tratar de entrar al email de una persona y a los archivos (o365) Como...
by Ric | Apr 8, 2021 | AWS tools, Azure tools, Blog, Cloud
Hoy dí un webinar que aunque esta en ingles quedo muy bien 🙂 On Thursday 8 April, our CTO Ralph Moonen and Senior Security Specialist Ricardo Sanchez organized the webinar: “Security Challenges of a Cloud Migration”. The webinar can be viewed back. Cloud...
by Ric | Dec 10, 2020 | Azure tools, Blog, Cloud
La mejor presentación que he visto de introducción a AD por ejemplo: SLIDES_LeronGray-EnumeratingAzureADandARM Otras slides...
by Ric | Oct 18, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
Dangling Domains in AWS script for exploitation This was written by dafthack/aws-dangling-domain-discovery-tool.sh but was not working because BING updated its endpoints. Also I added some enhacements to the code. Like the last commented line, with that you can...
by Ric | Oct 17, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
AWS Honeytokens, closely related to honeypots, are ‘tripwires’ that you leave on machines and data stores as early warning indications of a breach. Using AWS IAM access keys, we can create nearly limitless honeytokens for attackers to stumble upon – and it’s...
by Ric | Sep 3, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
Todos hemos visto las pantallas de dar permisos en android o iphone o facebook, pero que pasa si les dijera que lo mismo aplica para office 365? Azure can create and register a new app that will basically function as a redirector of sorts that asks a targeted user to...
by Ric | Aug 24, 2020 | AWS tools, Azure tools, Blog, Cloud
Métodos de ataques Empezamos hablando de la diferencia entre On-prem y Cloud. Aplican los mismos ataques pero en diferentes ángulos Hay más espacios para misconfigurations Todos los resources tienen policies para hacer acciones. Osea hackear web te puede dar más...
by Ric | Aug 21, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn’t exist, if a user doesn’t exist, if the account is locked, or if the account is disabled. A...
by Ric | Aug 15, 2020 | AWS tools, Azure tools, Herramientas / tools
Check which cloud provider is hosting a particular IP address. Some providers will also have service and region listed Resolves an IP address to the cloud provider it is hosted on https://github.com/oldrho/ip2provider 17 forks. 92 stars. 6 open issues. Recent commits:...
by Ric | Aug 14, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
Currently enumerates the following: Amazon Web Services: Open S3 Buckets Protected S3 Buckets awsapps (WorkMail, WorkDocs, Connect, etc.) Microsoft Azure: Storage Accounts Open Blob Storage Containers Hosted Databases Virtual Machines Web Apps Google Cloud Platform...
by Ric | Jul 25, 2020 | Azure tools, Cloud, Herramientas / tools
ROADtools is a framework to interact with Azure AD. It currently consists of a library (roadlib) and the ROADrecon Azure AD exploration tool. ROADlib is a library that can be used to authenticate with Azure AD or to build tools that integrate with a database...
by Ric | Jul 14, 2020 | Azure tools, Cloud, Herramientas / tools
Stormspotter creates an “attack graph” of the resources in an Azure subscription. It enables red teams and pentesters to visualize the attack surface and pivot opportunities within a tenant, and supercharges your defenders to quickly orient and prioritize incident...
by Ric | Jul 12, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. It is intended to be used during penetration tests where Azure is in use. A collection of scripts...
by Ric | Jun 18, 2020 | AWS tools, Azure tools, Cloud, Herramientas / tools
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather...
by Ric | Jun 14, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
Con azure puedes buildear tu C code por ejemplo https://github.com/GhostPack/SharpUp sin instalar windows: Use a pipeline to automatically build and test your .NET Core projects. Learn how to: Set up your build environment with Microsoft-hosted or self-hosted agents....
by Ric | Jun 3, 2020 | Azure tools, Blog, Herramientas / tools
Cuando estaba haciendo el Azure 500 me encontre que recomiendan explicitamente unas baselines de CIS. Te dicen como checarlo e incluso te lo explican https://docs.microsoft.com/en-us/learn/modules/create-security-baselines/ Los domains son: Create a platform security...
by Ric | Mar 2, 2020 | AWS tools, Azure tools, Blog, Cloud
Esta es una forma maravillosa de explicar Cloud como pizza ja.