Very well presented and straight to points with demos, nice work! Shows the importance of a policy which blocks access all operating systems but allows connections from operating systems which you supported, such as iOS, Android, Windows and MacOS. Like the tools you showed and thanks for sharing. Subscribed.
Beau - the account that was 'compromised' for your example and that you utilized to do your MFA sweep -- was it elevated at all? any admin permission roles?
Very informative video. I'm 100% going to be replicating this / testing a couple of scenarios myself. Thank you for sharing this knowledge 👍 Keep up the good work!
Hi! I have built some CA policies that I'm pretty sure are watertight but just wanted to check with this script. However, I get a "Login appears to have failed" on almost all the logins? The Graph API and the Azure mgmt API are the two only ones that give me the green text with "the response indicates MFA is in use"
Thanks for the video and tool. What if the company uses a federation service like Ping/Okta, I assume your tool wouldn't support that as the fields to stuff username / password would be different than MS's login screens
great video. very well-condensed and no needless tangents. so many other people would've made this video 30 mins long. this is perfect, keep it up.
Very well presented and straight to points with demos, nice work!
Shows the importance of a policy which blocks access all operating systems but allows connections from operating systems which you supported, such as iOS, Android, Windows and MacOS. Like the tools you showed and thanks for sharing.
Subscribed.
Beau - the account that was 'compromised' for your example and that you utilized to do your MFA sweep -- was it elevated at all? any admin permission roles?
Curious about this as well
Can't find the device emulation mode in my (fully patched) Edge browser. How did you open it? 🤔
Very informative video. I'm 100% going to be replicating this / testing a couple of scenarios myself. Thank you for sharing this knowledge 👍 Keep up the good work!
Wow, this is great info! Going to share with my team on Monday. Big thanks!
Hi! I have built some CA policies that I'm pretty sure are watertight but just wanted to check with this script. However, I get a "Login appears to have failed" on almost all the logins? The Graph API and the Azure mgmt API are the two only ones that give me the green text with "the response indicates MFA is in use"
This is a great video. Appreciate you creating the tool, will def be leveraging tomorrow morning lol.
Hey Beau - Great video! First time I watched your content and I do like it a lot! Skills to pay the bills, keep it rolling. SUBSCRIBED !!!
so if you were to use -UsersPermissionToReadOtherUsersEnabled FALSE , would this keep tools like MFA sweep from getting this info ?
What privileges did the (breached) account hold?
I want to bypass MFA under trusted IP network. Set conditional access policy and added my IP as trusted ip still facing the MFA prompt.
Yeah, I'm gonna need nobandwidth intro music bro ;)
Great video, great tool, a great addition to my toolbox! Thanks for the hard work
Solid breakdown, thanks Beau.
Wonderful video, totally an uncommon topic , subbed
Can you do this in bulk? Instead per user per group per instance
Amazing video. Exactly what I was looking for.
Subbed
Is there a way to bypass my antivirus? This script contains malicious content and has been blocked by your antivirus software.
Great video. Please do more mfa hacking and protecting.
Does not work for me for Import I get a The ampersand (&) character is not allowed.
Great content as usual 👏👏
what is the best way to perform OPSEC during Azure Pentesting for example!!
Brilliant information! Thank you
Very interesting! Nice video.
A great video. Thanks voor sharing.
hehehhe it's WORKING!! :) THANKS!! for creating this powershell script ..liked and subscribed
hi can you help me authenticate my account?
Great video.
Thanks for the video and tool. What if the company uses a federation service like Ping/Okta, I assume your tool wouldn't support that as the fields to stuff username / password would be different than MS's login screens
Common misconfig includes ROPC working (e.g. MFA enforced at identity provider, but not in AAD) - so ROPC attack works and AAD gives out access token.
hi bro, did you get how to authenticate mfa? i need help
Great Video!!
Spreadin them sheets 😎
Cool
The title should be clearer that this is for cloud and doesn't apply to Windows Server