With more and more organizations moving away from traditional on-prem infrastructures towards hybrid or full cloud environments, the need for breaching the network perimeter as an attacker becomes increasingly redundant to cause any impact. The primary identity solutions for companies are shifting from Active Directory towards Microsoft Entra ID, on-prem SMB shares are replaced by OneDrive and SharePoint Online, and Exchange Servers are decommissioned in favor of Exchange Online.
With the most sensitive information of an organization now being stored in the cloud, penetration testers and red teamers need to adapt their techniques and focus on this shifted attack surface. This led to the creation of GraphSpy, the Swiss Army Knife for attacking Microsoft 365 & Entra. In this workshop, you will be able to play with some of the most powerful capabilities of the tool to compromise and move laterally inside a realistic lab environment created by the author of GraphSpy.
Requirements:- This workshop requires a laptop or virtual machine on which python3 is installed (any OS should work).
The workshop will be accessible for beginners, while also being fun and challenging for the more advanced participants. Both red and blue team backgrounds are welcome!