Networking
- Networking
Windows
Linux
Enterprise Architecture
Mac
- Forensics
  - Page 3
Attacker Information
IR Playbook
- Activity from Unmanaged Host
- Recommendations
Reverse Engineering
- Python - Pyinstaller

Powered by GitBook

On this page

What Is OAuth 2.0
Attack
How to steal 0Auth 2 Tokens:
Detect
Detection - Audit Logs
Detection Sign-In logs
Mitigate
Don't allow users to consent without Admin approval.
Block users from adding gallery apps to My Apps.
Allow users to consent to apps only from verified publishers.
Admin Consent Settings
How to see what apps the user consented to:
Limit GraphAPI Permissoins Users Can Consent To

Enterprise Architecture

The Cloud

Azure

Attacking Azure

Initial Access

OAuth 2.0 Abuse

PreviousPassword Spraying OWA NextDevice code authentication abuse

Last updated 1 year ago