The Chinese cyber-espionage group UAT-8302 has, for nearly a year, conducted covert intrusions against government entities across South America and Europe, using a sophisticated toolset linked to several prominent Chinese threat actors. Analysts at...
The Harvester threat group has re-emerged, wielding a sophisticated tool designed to evade conventional defences. Security researchers have identified a new variant of the GoGra backdoor for Linux, which covertly conceals its presence...
The need to reboot after installing security updates has long been a source of deep frustration for administrators and staff alike. The host installs the fix, yet the defensive perimeter remains...
M365Pwned: Red Team tooling for Microsoft 365 exploitation via the Microsoft Graph API. Two WinForms GUI tools for enumerating, searching, and exfiltrating data from M365 environments using application-level OAuth tokens — no user interaction required...
Researchers have documented the first instance of a malicious Microsoft Outlook add-in distributed through the official Office Add-in Store. At the centre of this attack is AgreeTo, a legacy scheduling utility. While the original...
OAuthSeeker is a red team tool for performing phishing attacks using malicious OAuth applications to compromise user identities within Microsoft Azure and Office365. Features: OAuthSeeker provides the following key features: Azure App OAuth Phishing: Perform OAuth...
SharpGraphView: Sharp post-exploitation toolkit providing modular access to the Microsoft Graph API (graph.microsoft.com) for cloud and red team operations. Methods. Auth Methods (Command / Description): Get-GraphTokens: Get graph token via device code phish (saved to graph_tokens.txt)...
Cybercriminals are increasingly harnessing the Microsoft Graph API to manage malware and evade detection systems. According to researchers from Symantec, these actions are designed to facilitate communication with C2 infrastructure hosted on Microsoft’s cloud...