See the latest by Andy Robbins
There’s a new, practical way to escalate from Domain Admin to Enterprise Admin. ESC5 You’ve heard...
By: Andy Robbins
May 16, 2023 • 9 min read
Read Post
Introducing BloodHound 4.3 — Get Global Admin More Often
Introducing BloodHound 4.3 — Get Global Admin More Often Discover new attack paths traversing Microsoft Graph and seven new...
By: Andy Robbins
Apr 18, 2023 • 14 min read
Read Post
Abusing Azure App Service Managed Identity Assignments
Intro Azure App Service is a Platform-as-a-Service product that promises to improve web application deployment, hosting,...
By: Andy Robbins
Feb 15, 2023 • 11 min read
Read Post
Passwordless Persistence and Privilege Escalation in Azure
Adversaries are always looking for stealthy means of maintaining long-term and stealthy persistence and privilege in...
By: Andy Robbins
Dec 21, 2022 • 16 min read
Read Post
Introducing BloodHound 4.2 — The Azure Refactor
Introducing BloodHound 4.2 — The Azure Refactor The BloodHound Enterprise team is proud to announce the release of BloodHound...
By: Andy Robbins
Aug 3, 2022 • 8 min read
Read Post
Managed Identity Attack Paths, Part 3: Function Apps
Intro and Prior Work In this three part blog series we have explored attack paths that emerge...
By: Andy Robbins
Jun 8, 2022 • 10 min read
Read Post
Managed Identity Attack Paths, Part 2: Logic Apps
Intro and Prior Work In this three part blog series we are exploring attack paths that emerge...
By: Andy Robbins
Jun 7, 2022 • 9 min read
Read Post
Managed Identity Attack Paths, Part 1: Automation Accounts
Intro and Prior Work In this three part blog series we will explore attack paths that emerge...