a collection of my blogs from all sources
Attacking Self-Hosted Skype for Business/Microsoft Lync Installations
https://trustedsec.com/blog/attacking-self-hosted-skype-businessmicrosoft-lync-installations
Full Disclosure: Microsoft Lync for Mac 2011 susceptible to forced browsing / download attack
https://trustedsec.com/blog/full-disclosure-microsoft-lync-for-mac-2011-susceptible-to-forced-browsing-download-attack
Owning O365 Through Better Brute-Forcing
https://trustedsec.com/blog/owning-o365-through-better-brute-forcing
Achieving Passive User Enumeration with OneDrive
https://trustedsec.com/blog/achieving-passive-user-enumeration-with-onedrive
Weak in, Weak out: Keeping Password Lists Current
https://trustedsec.com/blog/weak-in-weak-out-keeping-password-lists-current
Creating a Malicious Azure AD OAuth2 Application
https://trustedsec.com/blog/creating-a-malicious-azure-ad-oauth2-application
Better Hacking Through Cracking: Know Your Rules
https://trustedsec.com/blog/better-hacking-through-cracking-know-your-rules
OneDrive to Enum Them All
https://trustedsec.com/blog/onedrive-to-enum-them-all
Shells in Plain Sight - Storing Payloads in the Cloud
https://trustedsec.com/blog/shells-in-plain-sight-storing-payloads-in-the-cloud
Enumerating 24 Million Users - Part 1
https://nyxgeek.wordpress.com/2023/09/21/enumerating-24-million-users/
Enumerating 24 Million Users - Part 2
https://nyxgeek.wordpress.com/2023/10/05/enumerating-24-million-users-part-2/
Mapping Colors with Software
https://nyxgeek.wordpress.com/2023/10/28/mapping-colors/
Unwelcome Guest: Abusing Azure Guest Access to Dump Users, Groups, and more
https://trustedsec.com/blog/unwelcome-guest-abusing-azure-guest-access-to-dump-users-groups-and-more
Full Disclosure: A Look at a Recently Patched Microsoft Graph Logging Bypass - GraphNinja
https://trustedsec.com/blog/full-disclosure-a-look-at-a-recently-patched-microsoft-graph-logging-bypass-graphninja
dirDevil: Hiding Code and Content Within Folder Structures
https://trustedsec.com/blog/dirdevil-hiding-code-and-content-within-folder-structures