- Видео 30
- Просмотров 18 385
Mauricio Velazco
Добавлен 5 апр 2010
BlackHat Europe Arsenal 2024 - msInvader : Simulating Adversary Techniques in M365 & Azure
msInvader is an adversary simulation tool designed for blue teams to simulate real-world attack techniques within M365 and Azure environments. By generating realistic attack telemetry, msInvader empowers detection engineers, SOC analysts, and threat hunters to assess, enhance, and strengthen their detection and response capabilities.
msInvader supports simulating techniques in two common attack scenarios: a compromised user account or a compromised service principal. These scenarios are critical for understanding how adversaries operate after obtaining initial access, allowing teams to simulate post-compromise behaviors and validate their detection and response mechanisms. For user account...
msInvader supports simulating techniques in two common attack scenarios: a compromised user account or a compromised service principal. These scenarios are critical for understanding how adversaries operate after obtaining initial access, allowing teams to simulate post-compromise behaviors and validate their detection and response mechanisms. For user account...
Просмотров: 761
Видео
BlackHat Arsenal 2024 - BadZure : Exploring Azure AD Attack Paths
Просмотров 1,8 тыс.5 месяцев назад
BadZure is a Python tool that utilizes Terraform to automate the setup of Azure Active Directory (now Entra ID) tenants, populating them with various entities and introducing common security misconfigurations to create vulnerable tenants with multiple attack paths. BadZure automates the creation of various entities, including users, groups, application registrations, service principals, and adm...
Simulating M365/Azure AD attackers with msInvader
Просмотров 7269 месяцев назад
msInvader is an adversary simulation tool designed for blue teams to simulate real-world attack techniques within M365 and Azure environments. By generating realistic attack telemetry, msInvader empowers detection engineers, SOC analysts, and threat hunters to assess, enhance, and strengthen their detection and response capabilities. msInvader supports simulating techniques in two common attack...
Creating vulnerable Azure AD tenants with BadZure
Просмотров 1,2 тыс.Год назад
BadZure is a PowerShell script that leverages the Microsoft Graph SDK to orchestrate the setup of Azure Active Directory tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths. Specifically, BadZure automates the process of creating multiple entities such as: users, groups, application regis...
BlackHat Arsenal 2021 - PurpleSharp: Active Directory Attack Simulations
Просмотров 2,4 тыс.3 года назад
After obtaining an initial foothold in a corporate environment, adversaries will most likely have to interact with Active Directory across the attack lifecycle before achieving operational success. Prevention has fallen short and defender's best shot at uncovering threats in their environments is to design and deploy effective monitoring/detection strategies for AD-based attacks. PurpleSharp is...
Active Directory Adversary Simulation with PurpleSharp : Password Spraying - T1110.003
Просмотров 3923 года назад
In this video we leverage PurpleSharp (github.com/mvelazc0/PurpleSharp) to execute 3 adversary simulation playbooks in an Active Directory environment for the Password Spraying technique (attack.mitre.org/techniques/T1110/003/). The 3 different playbooks allow defenders to test and measure their detection security posture against different ways of executing Password Spraying attacks within Acti...
Active Directory Adversary Simulation with PurpleSharp : Discovery - TA0007
Просмотров 4683 года назад
In this video we leverage PurpleSharp to execute 3 adversary simulation playbooks in an Active Directory environment within the Discovery ATT&CK MItre Tactic (attack.mitre.org/tactics/TA0007/) The 3 different playbooks allow defenders to test and measure their detection security posture against different ways of executing Discovery techniques, The first playbook executes 5 techniques ( T1033, T...
LimaHack 2010 - Breaking Tux: Writing exploits for GNU/Linux (Spanish)
Просмотров 394 года назад
LimaHack 2010 - Breaking Tux: Writing exploits for GNU/Linux (Spanish)
Simulating Process Injection with PurpleSharp @ EU ATT&CK Community Workshop
Просмотров 7124 года назад
Simulating Process Injection with PurpleSharp @ EU ATT&CK Community Workshop
Blue Team Village - Demo 3
Просмотров 1524 года назад
cfc.blueteamvillage.org/call-for-content-2020/talk/7RDJXZ/ github.com/mvelazc0/PurpleSharp github.com/olafhartong/ThreatHunting
Blue Team Village - Demo 2 1/2
Просмотров 594 года назад
cfc.blueteamvillage.org/call-for-content-2020/talk/7RDJXZ/ github.com/mvelazc0/PurpleSharp github.com/olafhartong/ThreatHunting
Blue Team Village - Demo 2
Просмотров 994 года назад
cfc.blueteamvillage.org/call-for-content-2020/talk/7RDJXZ/ github.com/mvelazc0/PurpleSharp github.com/olafhartong/ThreatHunting
Blue Team Village - Demo 1
Просмотров 2504 года назад
cfc.blueteamvillage.org/call-for-content-2020/talk/7RDJXZ/ github.com/mvelazc0/PurpleSharp github.com/olafhartong/ThreatHunting
PurpleSharp Demo 2 @BlackHatEvents2020
Просмотров 2804 года назад
PurpleSharp Demo 2 @BlackHatEvents2020
PurpleSharp Demo 1 @BlackHatEvents2020
Просмотров 1,2 тыс.4 года назад
PurpleSharp Demo 1 @BlackHatEvents2020
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team by Mauricio Velazco
Просмотров 1,6 тыс.4 года назад
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team by Mauricio Velazco
Thanks for the great video !
Awesome work Mauricio!
Thanks for the video...
Looking forward to this!!
Amazing!!!! Thankyou