Hey friends, sorry for the late episode but I’ve been deep in the trenches of pentest adventures.  I’ll do a more formal tale of pentest pwnage when I come up for air, but for now I wanted to share some tips I’ve picked up from recent engagements:

• GraphRunner – awesome PowerShell toolkit for interacting with Microsoft Graph API.  From a pentesting perspective, it may help you bridge the “gap” between LAN-side AD and Azure and find some goodies – like files with and XSLX extension containing the word password.
• PowerUpSQL -I typically use this to make SQL servers cough me up a hash via SMB using stored procedures, but I learned this week that I’ll deeeefffffinitely use the Invoke-SQLAudit -Verbose functionality going forward.