Common Information
| Type | Value |
|---|---|
| Value |
AADInternals - S0677 |
| Category | Tool |
| Type | Mitre-Tool |
| Misp Type | Cluster |
| Description | [AADInternals](https://attack.mitre.org/software/S0677) is a PowerShell-based framework for administering, enumerating, and exploiting Azure Active Directory. The tool is publicly available on GitHub.(Citation: AADInternals Github)(Citation: AADInternals Documentation) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2021-12-06 | 51 | Suspected Russian Activity Targeting Government and Business Entities Around the Globe | Mandiant | ||
| Details | Website | 2021-11-23 | 9 | How to Detect Azure Active Directory Backdoors: Identity Federation | ||
| Details | Website | 2021-10-25 | 8 | NOBELIUM targeting delegated administrative privileges to facilitate broader attacks - Microsoft Security Blog | ||
| Details | Website | 2021-01-31 | 14 | BPRT unleashed: Joining multiple devices to Azure AD and Intune | ||
| Details | Website | 2020-10-27 | 2 | Abusing Teams client protocol to bypass Teams security policies | ||
| Details | Website | 2020-09-30 | 6 | Detecting Microsoft 365 and Azure Active Directory Backdoors | Mandiant | ||
| Details | Website | 2020-09-06 | 28 | Bypassing conditional access by faking device compliance. |