Sunday, January 29, 2023
spot_img
HomeToolsMandiant-Azure-AD-Investigator

Mandiant-Azure-AD-Investigator

 

Artifacts that may be indicative of UNC2452 and other threat actor activity are detected using a PowerShell module.

Features:

  1. Signing Certificate with an Unusual Validity Period.
  2. Inconsistent Signature Certificate
  3. Azure Active Directory Backdoor (any.sts)
  4. Domains that are federated
  5. Domains that haven’t been confirmed.

Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purposes.

Download link: https://github.com/mandiant/Mandiant-Azure-AD-Investigator

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -spot_img

Most Popular

Recent Comments

亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us