See the latest by Andy Robbins
Automating Azure Abuse Research — Part 1
Automating Azure Abuse Research — Part 1 Intro Back in February of 2020 Karl Fosaaen published a great blog...
By: Andy Robbins
May 25, 2022 • 7 min read
Read Post
Abusing Azure Container Registry Tasks
Intro and Prior Work More and more organizations are adopting cloud computing, migrating existing business processes and...
By: Andy Robbins
Apr 20, 2022 • 17 min read
Read Post
Announcing Azure in BloodHound Enterprise
In July of 2021, we launched BloodHound Enterprise. Since then, our customers have been using BHE...
By: Andy Robbins
Mar 17, 2022 • 3 min read
Read Post
Introducing BloodHound 4.1 — The Three Headed Hound
Introducing BloodHound 4.1 — The Three Headed Hound Prior Work Analyzing Active Directory attack paths using graph theory is...
By: Andy Robbins
Feb 9, 2022 • 6 min read
Read Post
Azure Privilege Escalation via Azure API Permissions Abuse
Intro and Prior Work Microsoft’s Azure is a complicated system of principals, securable objects, and the...
By: Andy Robbins
Dec 1, 2021 • 13 min read
Read Post
Azure Privilege Escalation via Service Principal Abuse
Intro and Prior Work On-prem Active Directory is here to stay, and so is Azure Active...
By: Andy Robbins
Oct 12, 2021 • 9 min read
Read Post
BloodHound versus Ransomware: A Defender’s Guide
Intro You don’t need me to tell you how dangerous and destructive ransomware is. It seems...
By: Andy Robbins
Jun 8, 2021 • 12 min read
Read Post
