Skip to content

BeyondTrust/research

Repository files navigation

research

This repo contains a list of known security exploits and misconfigurations for various systems / software produced by BeyondTrust's research team. The repo aims to provide automated scripts to setup and then demonstrate how each exploit / misconfiguration can be used. This is designed to make BeyondTrust's research reproducible, so exploits can be better understood and recreated by a wider audience. The root level folders are organized into 'domains' with subfolders containing specific exploits within that domain.

exploits

  • entra - Entra ID / Azure Active Directory
    • apps - security misconfigurations that revolve around highly privileged apps in Entra