Hello token friends, do you use the content of the access token as part of your application. Then be aware that Microsoft will switch to encrypted access token and this might break stuff.

Switch to id token. #EntraID

https://devblogs.microsoft.com/identity/access-tokens-and-id-tokens/

Do you know the Azure IP Ranges site by @derdanu.bsky.social ?

It's a great tool to filter IP ranges by service and even download them in different formats.

https://azureipranges.azurewebsites.net/

Had not see this before. What could go wrong if you allow any user to create mailboxes with nearly arbitrary name ?!

Seen via @jangeisbauer.bsky.social, thanks for sharing!

References
- www.linkedin.com/posts/jangei...
- www.cyberis.com/article/micr...
- jeffreyt.nl/2024/taking-...

I'm glad to release the tool I have been working hard on the last month: #KrbRelayEx
A Kerberos relay & forwarder for MiTM attacks!
>Relays Kerberos AP-REQ tickets
>Manages multiple SMB consoles
>Works on Win& Linux with .NET 8.0
>...
GitHub: github.com/decoder-it/K...