Add support for user dynamic group abuse (Get-DynamicAbusableGroups) - Githubissues

Gerenios / AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365

http://aadinternals.com/aadinternals

MIT License

1.2k stars 210 forks source link

Add support for user dynamic group abuse (Get-DynamicAbusableGroups) #93

Open sapirxfed opened 2 weeks ago

sapirxfed commented 2 weeks ago

This function returns Entra ID groups with user dynamic membership rule that contains attributes that can be modified by users. Related articles: https://medium.com/r3d-buck3t/abusing-dynamic-groups-in-azuread-part-1-ff12e328c8c0 https://www.mnemonic.io/resources/blog/abusing-dynamic-groups-in-azure-ad-for-privilege-escalation/ Usage: