UhOh365 – O365 Enumeration

Email addresses are what malicious parties collect because the more they have, the more they can Phish/target. Having the ability to enumerate these without generating logging attempts would be a dream for them. Sure they could use other OSINT techniques and steal them, but guessing may be quicker and less work….

Finding Access Anywhere Servers Using Certificates

Remote users are a part of every organization and the need to provide external access can be a real problem. For the bigger organizations, they will most likely implement several security controls in order to isolate their users from the rest of the internet.
For some, they may want to go for the cheaper option to provide remote access……

SMB Relay Attack

SMB is commonly used for sharing files, printers and communication often between client to server. Before a client can communicate with the server or another client though, they will be required to authenticate themselves. This is simple access control…..