
Andy Robbins
See the latest by Andy Robbins

Abusing Azure App Service Managed Identity Assignments
Intro Azure App Service is a Platform-as-a-Service product that promises to improve web application deployment, hosting,...
By: Andy Robbins
Feb 15, 2023 • 11 min read
Read Post
Passwordless Persistence and Privilege Escalation in Azure
Adversaries are always looking for stealthy means of maintaining long-term and stealthy persistence and privilege in...
By: Andy Robbins
Dec 21, 2022 • 16 min read
Read Post

Introducing BloodHound 4.2 — The Azure Refactor
Introducing BloodHound 4.2 — The Azure Refactor The BloodHound Enterprise team is proud to announce the release of BloodHound...
By: Andy Robbins
Aug 3, 2022 • 8 min read
Read Post
Managed Identity Attack Paths, Part 3: Function Apps
Intro and Prior Work In this three part blog series we have explored attack paths that emerge...
By: Andy Robbins
Jun 8, 2022 • 10 min read
Read Post
Managed Identity Attack Paths, Part 2: Logic Apps
Intro and Prior Work In this three part blog series we are exploring attack paths that emerge...
By: Andy Robbins
Jun 7, 2022 • 9 min read
Read Post
Managed Identity Attack Paths, Part 1: Automation Accounts
Intro and Prior Work In this three part blog series we will explore attack paths that emerge...
By: Andy Robbins
Jun 6, 2022 • 12 min read
Read Post
Automating Azure Abuse Research — Part 1
Automating Azure Abuse Research — Part 1 Intro Back in February of 2020 Karl Fosaaen published a great blog...
By: Andy Robbins
May 25, 2022 • 7 min read
Read Post
Abusing Azure Container Registry Tasks
Intro and Prior Work More and more organizations are adopting cloud computing, migrating existing business processes and...