Red Team and Incident Response Series Part 1: Token Manipulation and Spear Phishing |TokenTacticsV2

Red Team and Incident Response Series Part 1: Token Manipulation and Spear Phishing using MGgraph and TokenTacticsV2
This is a series for the Red Team perspective and the end of the series. We will cover how to respond and best practices.
Today's Part 1 is based of successful AITM attack. This will include a live demo of EvilGinx2 to collect the session token.
We will cover the main concepts of the 3 token in Azure Active Directory and how to manipulate the token in order to move from Office log in to using other client such as Microsoft Graph.
The demo will use tokentacticsv2 to demonstrate and explain token and request new token for a different client.
Microsoft Graph is API that can allow actions such as enumeration of the Azure Active Directory , creating new user, sending and reading mail and many others.
This demo is focus in the initial access, enumeration of the AAD Users and creating a new user owned by the "malicious actor".
#azure #azurecloud #azuresecurity #microsoft #microsoft365 #microsoftazure #microsoft #microsoftsecurity #security #securityawareness #securityanalyst #soc #hacking #hacker #hackers #ethicalhacking #ethicalhackingtraining #ethicalhacker #ethicalhackers #azureactivedirectory #entraid #phishingattacks #phishingattack #phishing #phishingawareness #aitm #token #tokens #cyberattack #cyberdefense #cyber #cyberawareness #m365 #womenincybersecurity #womeintech #womenincyber #aitm

Видео Red Team and Incident Response Series Part 1: Token Manipulation and Spear Phishing |TokenTacticsV2 канала Sofia Marin CyberSecurity