I noticed all the tools (e.g. https://aadinternals.com/osint) for discovering other registered or managed domains using a main tenant domain are now returning only one domain. I found a following Microsoft blogpost about fixing Get-FederationInformation to not disclose related domains without authentication.
Is there still some other way to perform OSINT recon for domains via Azure tenant APIs?
[link] [comments]
from hacking: security in practice https://ift.tt/9oJTMFc
Comments
Post a Comment