Table of Content

Reference Slides / Notes

AttackingAzureAD-34-42.pdf

Blogs/Talks

• https://www.youtube.com/watch?v=4NpT78zxZEo
  • https://aadinternals.com/talks/
  • https://aadinternals.com/aadinternals/
• https://blog.pwnedlabs.io/mapping-attack-surface-for-azure-initial-access
• https://dstreefkerk.github.io/2025-07-m365-email-osint-after-lockdown/

Tools

• MSFTRecon : https://github.com/Arcanum-Sec/msftrecon
• CloudBrute - Tool to find a cloud infrastructure of a company on top Cloud providers
• cloud_enum - Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud
• Azucar - Security auditing tool for Azure environments
• CrowdStrike Reporting Tool for Azure (CRT) - Query Azure AD/O365 tenants for hard to find permissions and configuration settings
• ScoutSuite - Multi-cloud security auditing tool. Security posture assessment of different cloud environments.