Sign up to save your podcasts
Or
Share Get-RoleGroup - Detecting Attacker Enumeration in Microsoft 365 Exchange with Purav Desai | EP. 7
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Get-RoleGroup - Detecting Attacker Enumeration in Microsoft 365 Exchange with Purav Desai | EP. 7
Visit my sponsor to view the current average annual salary for a Cybersecurity degree and learn how to get started.
Purav's LinkedIn
Deciphering UAL
Exchange Admin Audit Logging
Office365 Management Activity API
Connect-IPPSSession
_____________
TIMESTAMPS:
00:00 Intro
00:36 Get-RoleGroup Operation
01:37 Enumeration is not logged??
05:53 SNHU
07:22 Using the Security Compliance Center EOPCmdlet
08:54 Abusing Purview Compliance & E-Discovery
10:21 Useful Log Fields & Key Fields of note
12:48 Attack Demo
14:45 Fields to Decipher
15:51 How To Detect/Analyse
17:59 Get-RoleGroupMember
19:39 Useful Log Fields
20:30 Attack Demo
23:01 Segmentation Of Behaviors
23:57 Connect-IPPSSession
26:07 Final Thoughts
27:40 Outro
_____________
⚡️JOIN 6,000+ CWX MEMBERS ON DISCORD
📰 SUBSCRIBE TO THE CYBERWOX UNPLUGGED NEWSLETTER
🥶 CYBERWOX MERCH
_____________
🧬 CYBERWOX RESOURCES
🔹 Cyberwox Cybersecurity Notion Templates for planning your career🔹 Cyberwox Best Entry-Level Cybersecurity Resume Template
🔹 Learn AWS Threat Detection with my LinkedIn Learning Course
_____________
📱 LET'S CONNECT
→ IG
→ Threads
→ Substack
→ Twitter
→ Linkedin
→ Tiktok
Email: [email protected]
_____________
⚠️DISCLAIMER
This description has some affiliate links, and I may receive a small commission for purchases made through these links. I appreciate your support!
View all episodes
By CYBERWOXVisit my sponsor to view the current average annual salary for a Cybersecurity degree and learn how to get started.
Purav's LinkedIn
Deciphering UAL
Exchange Admin Audit Logging
Office365 Management Activity API
Connect-IPPSSession
_____________
TIMESTAMPS:
00:00 Intro
00:36 Get-RoleGroup Operation
01:37 Enumeration is not logged??
05:53 SNHU
07:22 Using the Security Compliance Center EOPCmdlet
08:54 Abusing Purview Compliance & E-Discovery
10:21 Useful Log Fields & Key Fields of note
12:48 Attack Demo
14:45 Fields to Decipher
15:51 How To Detect/Analyse
17:59 Get-RoleGroupMember
19:39 Useful Log Fields
20:30 Attack Demo
23:01 Segmentation Of Behaviors
23:57 Connect-IPPSSession
26:07 Final Thoughts
27:40 Outro
_____________
⚡️JOIN 6,000+ CWX MEMBERS ON DISCORD
📰 SUBSCRIBE TO THE CYBERWOX UNPLUGGED NEWSLETTER
🥶 CYBERWOX MERCH
_____________
🧬 CYBERWOX RESOURCES
🔹 Cyberwox Cybersecurity Notion Templates for planning your career🔹 Cyberwox Best Entry-Level Cybersecurity Resume Template
🔹 Learn AWS Threat Detection with my LinkedIn Learning Course
_____________
📱 LET'S CONNECT
→ IG
→ Threads
→ Substack
→ Twitter
→ Linkedin
→ Tiktok
Email: [email protected]
_____________
⚠️DISCLAIMER
This description has some affiliate links, and I may receive a small commission for purchases made through these links. I appreciate your support!