Very informative video. I'm 100% going to be replicating this / testing a couple of scenarios myself. Thank you for sharing this knowledge 👍 Keep up the good work!
Very well presented and straight to points with demos, nice work! Shows the importance of a policy which blocks access all operating systems but allows connections from operating systems which you supported, such as iOS, Android, Windows and MacOS. Like the tools you showed and thanks for sharing. Subscribed.
Beau - the account that was 'compromised' for your example and that you utilized to do your MFA sweep -- was it elevated at all? any admin permission roles?
Hi! I have built some CA policies that I'm pretty sure are watertight but just wanted to check with this script. However, I get a "Login appears to have failed" on almost all the logins? The Graph API and the Azure mgmt API are the two only ones that give me the green text with "the response indicates MFA is in use"
Thanks for the video and tool. What if the company uses a federation service like Ping/Okta, I assume your tool wouldn't support that as the fields to stuff username / password would be different than MS's login screens
![Why Your Conditional Access Policies Are Failing [5 Major Pitfalls]](http://i.ytimg.com/vi/IHaGbM7L7b0/mqdefault.jpg)
great video. very well-condensed and no needless tangents. so many other people would've made this video 30 mins long. this is perfect, keep it up.
Very informative video. I'm 100% going to be replicating this / testing a couple of scenarios myself. Thank you for sharing this knowledge 👍 Keep up the good work!
Wow, this is great info! Going to share with my team on Monday. Big thanks!
Very well presented and straight to points with demos, nice work!
Shows the importance of a policy which blocks access all operating systems but allows connections from operating systems which you supported, such as iOS, Android, Windows and MacOS. Like the tools you showed and thanks for sharing.
Subscribed.
This is a great video. Appreciate you creating the tool, will def be leveraging tomorrow morning lol.
Hey Beau - Great video! First time I watched your content and I do like it a lot! Skills to pay the bills, keep it rolling. SUBSCRIBED !!!
Great video, great tool, a great addition to my toolbox! Thanks for the hard work
Wonderful video, totally an uncommon topic , subbed
Solid breakdown, thanks Beau.
Yeah, I'm gonna need nobandwidth intro music bro ;)
Amazing video. Exactly what I was looking for.
Subbed
Beau - the account that was 'compromised' for your example and that you utilized to do your MFA sweep -- was it elevated at all? any admin permission roles?
Curious about this as well
Great content as usual 👏👏
what is the best way to perform OPSEC during Azure Pentesting for example!!
Great video. Please do more mfa hacking and protecting.
Can't find the device emulation mode in my (fully patched) Edge browser. How did you open it? 🤔
Brilliant information! Thank you
hehehhe it's WORKING!! :) THANKS!! for creating this powershell script ..liked and subscribed
hi can you help me authenticate my account?
Hi! I have built some CA policies that I'm pretty sure are watertight but just wanted to check with this script. However, I get a "Login appears to have failed" on almost all the logins? The Graph API and the Azure mgmt API are the two only ones that give me the green text with "the response indicates MFA is in use"
A great video. Thanks voor sharing.
Very interesting! Nice video.
so if you were to use -UsersPermissionToReadOtherUsersEnabled FALSE , would this keep tools like MFA sweep from getting this info ?
Great video.
Great Video!!
What privileges did the (breached) account hold?
Spreadin them sheets 😎
Can you do this in bulk? Instead per user per group per instance
I want to bypass MFA under trusted IP network. Set conditional access policy and added my IP as trusted ip still facing the MFA prompt.
Thanks for the video and tool. What if the company uses a federation service like Ping/Okta, I assume your tool wouldn't support that as the fields to stuff username / password would be different than MS's login screens
Common misconfig includes ROPC working (e.g. MFA enforced at identity provider, but not in AAD) - so ROPC attack works and AAD gives out access token.
hi bro, did you get how to authenticate mfa? i need help
Is there a way to bypass my antivirus? This script contains malicious content and has been blocked by your antivirus software.
Does not work for me for Import I get a The ampersand (&) character is not allowed.
Cool
The title should be clearer that this is for cloud and doesn't apply to Windows Server