dolevshor / azure-orphan-resources

Centralize orphan resources in Azure environments
MIT License
523 stars 135 forks

Add Certificates #17

Closed azurekid closed 11 months ago

azurekid commented 1 year ago

Change(s):

Validated if the query was working correctly by extending the lookback period to see results of expired certificates that are attached to a web application.

azurekid commented 1 year ago

@dolevshor Hope this will be added to this amazing solution.

azurekid commented 1 year ago

@dolevshor friendly reminder. If there is anything I can help with to maintain this project, please let me know.

dolevshor commented 11 months ago

@azurekid First, thank you very much for the suggestion. I am debating whether certificates fall into the category of orphaned resources? I would love to hear your point of view.

azurekid commented 11 months ago

Hi @dolevshor, from a security point of view it doesn't really matter. But because these certificates are Azure resources, they should be cleaned up once expired.

From a red teamer point of view, it could be interesting to see what old names were attached to web applications based on the expired certificates, and abuse this information to create a malicious web app with the same name and a new certificate.

dolevshor commented 11 months ago

Hi @azurekid, It makes sense that they would be classified as orphaned resources.

I will make sure to add your suggestion to v2.0. (I will publish it today).

azurekid commented 11 months ago

> Hi @azurekid, It makes sense that they would be classified as orphaned resources.
>
> I will make sure to add your suggestion to v2.0. (I will publish it today).

Thanks man!

Please shout out if I can help reviewing code etc. Love doing community work 💪

dolevshor commented 11 months ago

Hi @azurekid,

The orphaned Certificates are now included in the workbook as part of the v2.0 release. I am closing the PR.

Thanks again for this contribution!