@TRUExDEMON

This talk will focus on using targeted organization's own cloud infrastructure against it in order to gather actionable intelligence against it. The Microsoft Cloud in particular holds a vast amount of information that can be gathered with automated tools thanks to the built-in APIs and Powershell libraries. Access to the cloud must be obtained through an authenticated session, but does not require a domain joined machine, only user-based access. A thorough description and catalog of the information that can be found in the cloud will be given, along with a simple, user-friendly tool for gathering it with ease. This talk will also describe a handful of scenarios where this information can be used to carry out further attacks, perform internal phishing, and abuse built-in features to eventually pop shell without launching a single exploit.

I'm a passionate hacker and tech geek that has been playing with computers since my first Windows 98 machine I built in 2000. Generally speaking, I just enjoy computers and hacking. They're my favorite things to play with, teach and talk about. I started in the information security field around 2012 and spent a long career in various IT roles working towards becoming a penetration tester. I've since gotten that chance after coming on board with SecureState in the beginning of 2017 and have been free to pursue my personal goals of tool and exploit development, malware research, and other cool stuff like that. I've been doing digital forensics, a bit of coding, penetration testing, and consulting for the past five years and even have done some writing. I have one published book, The Hacker Ethos, which I self-published under my handle in 2015.

Back to BSides Cleveland 2018 video list