Common Information
| Type | Value |
|---|---|
| Value |
AADInternals - S0677 |
| Category | Tool |
| Type | Mitre-Tool |
| Misp Type | Cluster |
| Description | [AADInternals](https://attack.mitre.org/software/S0677) is a PowerShell-based framework for administering, enumerating, and exploiting Azure Active Directory. The tool is publicly available on GitHub.(Citation: AADInternals Github)(Citation: AADInternals Documentation) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-05 | 66 | 俄罗斯APT组织OST工具技战术情报 | CTF导航 | ||
| Details | Website | 2024-10-31 | 5 | Maestro | ||
| Details | Website | 2024-10-31 | 12 | Maestro | ||
| Details | Website | 2024-10-17 | 4 | Mastering Cloud Threat Detection: Tracking On-Prem to Cloud Movement via Credential Access with… | ||
| Details | Website | 2024-10-15 | 2 | More ransomware is stopped before reaching encryption • The Register | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-09-27 | 5 | Embargo ransomware escalates attacks to cloud environments | ||
| Details | Website | 2024-09-26 | 52 | Storm-0501: Ransomware attacks expanding to hybrid cloud environments | ||
| Details | Website | 2024-09-26 | 50 | Storm-0501: Ransomware attacks expanding to hybrid cloud environments | Microsoft Security Blog | ||
| Details | Website | 2024-08-15 | 23 | Strategies Used by Adversaries to Steal Application Access Tokens | ||
| Details | Website | 2024-06-20 | 9 | [红队技巧] SeamlessPass:利用 Kerberos 票证访问Azure云 | ||
| Details | Website | 2023-11-07 | 10 | The Triforce of Initial Access | ||
| Details | Website | 2023-10-25 | 11 | Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog | ||
| Details | Website | 2023-10-23 | 273 | Red Team Tools | ||
| Details | Website | 2023-08-02 | 16 | Guarding the Bridge: New Attack Vectors in Azure AD Connect | ||
| Details | Website | 2023-06-07 | 5 | Threat Hunting for Business Email Compromise Through User Agents | ||
| Details | Website | 2023-06-06 | 24 | OneDrive to Enum Them All - TrustedSec | ||
| Details | Website | 2023-05-25 | 15 | Bridging the Security Gap: Mitigating Lateral Movement Risks from On-Premises to Cloud Environments | Wiz Blog | ||
| Details | Website | 2023-05-23 | 8 | Tampering with Conditional Access Policies Using Azure AD Graph API | ||
| Details | Website | 2023-04-11 | 1 | Iranian APT group launches destructive attacks in hybrid Azure AD environments | ||
| Details | Website | 2023-04-10 | 3 | Iranian Mercury APT disguises destructive campaigns as ransomware attacks | ||
| Details | Website | 2023-04-07 | 48 | MERCURY and DEV-1084: Destructive attack on hybrid environment - Microsoft Security Blog | ||
| Details | Website | 2022-09-16 | 2 | GitHub - Gerenios/AADInternals: AADInternals PowerShell module for administering Azure AD and Office 365 | ||
| Details | Website | 2022-09-13 | 2 | Azure Active Directory Pass-Through Authentication Flaws | ||
| Details | Website | 2022-04-05 | 0 | Azure Active Directory Exposes Internal Information - Threat Analysis | ||
| Details | Website | 2022-01-26 | 5 | Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA - Microsoft Security Blog |