by Ric | Apr 18, 2021 | Azure tools, Blog, Cloud, Herramientas / tools
365-Stealer is a tool written in Python 3 that steals data from a victim's Office 365 account using an access_token obtained through phishing. It steals Outlook mail, attachments, OneDrive files and OneNote notes, and injects macros. You can find the tool here...
by Ric | Apr 11, 2021 | Azure tools, Blog, Cloud
The advantage and the problem of cloud is that it exposes infrastructure components that were not exposed before. One example is AD users. Now, with Azure AD, almost anyone can try to get into a person's email and files (O365). As...
by Ric | Oct 17, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
AWS Honeytokens, closely related to honeypots, are ‘tripwires’ that you leave on machines and data stores as early warning indications of a breach. Using AWS IAM access keys, we can create nearly limitless honeytokens for attackers to stumble upon – and it’s...
by Ric | Sep 3, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
We have all seen the permission prompts on Android, iPhone or Facebook, but what if I told you the same applies to Office 365? Azure can create and register a new app that will basically function as a redirector of sorts that asks a targeted user to...
by Ric | Aug 25, 2020 | Blog, Cloud
Gaining Access review: What does the organization have in the cloud? Which model do they use: hybrid? All cloud? Only for some resources? Situational Awareness: Once inside, what credentials do you have? What roles? Is there MFA? Which systems can we access? Who are the admins? How...
by Ric | Aug 24, 2020 | AWS tools, Azure tools, Blog, Cloud
Attack methods. We start by talking about the difference between on-prem and cloud. The same attacks apply, but from different angles. There is more room for misconfigurations. All resources have policies for performing actions. In other words, web hacking can give you more...
by Ric | Aug 24, 2020 | Blog, Cloud
Today I am starting the course Breaching the Cloud w/ Beau Bullock. We were asked to install Kali, a Windows VM, Terraform and Pacu, and to open dedicated AWS and Azure accounts for the course. The description is: Do you want to level up your...
by Ric | Aug 21, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn’t exist, if a user doesn’t exist, if the account is locked, or if the account is disabled. A...
by Ric | Aug 15, 2020 | AWS tools, Azure tools, Herramientas / tools
Check which cloud provider is hosting a particular IP address. Some providers will also have service and region listed. Resolves an IP address to the cloud provider it is hosted on: https://github.com/oldrho/ip2provider 17 forks. 86 stars. 7 open issues. Recent commits:...
by Ric | Aug 14, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
Currently enumerates the following: Amazon Web Services: Open S3 Buckets, Protected S3 Buckets, awsapps (WorkMail, WorkDocs, Connect, etc.); Microsoft Azure: Storage Accounts, Open Blob Storage Containers, Hosted Databases, Virtual Machines, Web Apps; Google Cloud Platform...
by Ric | Jul 25, 2020 | Azure tools, Cloud, Herramientas / tools
ROADtools is a framework to interact with Azure AD. It currently consists of a library (roadlib) and the ROADrecon Azure AD exploration tool. ROADlib is a library that can be used to authenticate with Azure AD or to build tools that integrate with a database...
by Ric | Jul 14, 2020 | Azure tools, Cloud, Herramientas / tools
Stormspotter creates an “attack graph” of the resources in an Azure subscription. It enables red teams and pentesters to visualize the attack surface and pivot opportunities within a tenant, and supercharges your defenders to quickly orient and prioritize incident...
by Ric | Jul 12, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. It is intended to be used during penetration tests where Azure is in use. A collection of scripts...
by Ric | Jun 18, 2020 | AWS tools, Azure tools, Cloud, Herramientas / tools
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather...
by Ric | Jun 14, 2020 | Azure tools, Blog, Cloud, Herramientas / tools
With Azure you can build your C code, for example https://github.com/GhostPack/SharpUp, without installing Windows: Use a pipeline to automatically build and test your .NET Core projects. Learn how to: Set up your build environment with Microsoft-hosted or self-hosted agents....
by Ric | Jun 7, 2020 | Blog, Cloud
Azure AD Azure AD is Microsoft’s cloud-based identity and access management service which provides single sign-on and multi-factor authentication. Azure AD is not a cloud version of Windows Server Active Directory. It’s also not intended as a complete...
by Ric | Jun 6, 2020 | Blog
Azure virtual networks provide key networking capabilities: Isolation and segmentation; Internet communications; Communicate between Azure resources; Communicate with on-premises resources (point-to-site VPN, site-to-site VPN, ExpressRoute); Route network traffic; Filter...
by Ric | Jun 3, 2020 | Azure tools, Blog, Herramientas / tools
While I was doing Azure 500, I found that they explicitly recommend some CIS baselines. They tell you how to check them and even explain them: https://docs.microsoft.com/en-us/learn/modules/create-security-baselines/ The domains are: Create a platform security...
by Ric | Jun 2, 2020 | Blog, Cloud
Defense in depth. Each layer can implement one or more of the CIA concerns.
# | Ring | Example | Principle
1 | Data | Data encryption at rest in Azure blob storage | Integrity
2 | Application | SSL/TLS encrypted sessions | Integrity
3 | Compute | Regularly apply OS and...
by Ric | Jun 2, 2020 | Blog, Cloud
So, yesterday I passed Azure Fundamentals 900; now I will start AZ-500: Microsoft Azure Security Technologies, which will make me an Azure Security Engineer Associate. The plan is to do 2 hours a day and 4 hours on weekends. Learning path, Total, In fundamentals: Secure your...
by Ric | May 30, 2020 | Blog, Cloud
Well, I have decided to learn more about cloud because I feel that all my pentests lead me there. The general plan is Azure Fundamentals, then Security 500 (maybe Administrator), and then AWS Fundamentals and Security Specialty. I plan to add a bit of pentesting in...
by Ric | May 13, 2020 | Blog, Cloud