This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected. All of the included scenarios, insights and comments are based on experiences from the contributors during their attack simulations, hands-on or real-world scenarios.
It should be considered a living document, which has to be updated as practices progress and changes in attack and defense techniques. We invite identity or security experts from the community to work together on this publication and contribute updates, feedbacks, comments or further additions.
- Hybrid Identity Components
- Phishing
 Joosua Santasalo π¬ π |
 Sami Lamppu π¬ π |
 Thomas Naunheim π¬ π |
-
Update or new content (Pull Request): As already mentioned, we like to have a living document which is driven by the Azure AD community! Share your results and insights as part of this project! Send a pull request to add your content to this project.
-
Issues/Outdated content: Protection features or tools changes continually. Update the out-dated content (as part of pull request) or create an issue to point out
-
Reviewer: We also look for experts who want to review or discuss the existing or new content before publishing!
-
Feedback: Feel free to suggest attack/defense scenarios that could be interesting for the community. We will add them to the backlog and idea collection!