GraphRunner: A Post-Exploitation Toolset for M365 – Beau Bullock & Steve Borosh

During this presentation, I will provide an in-depth exploration of GraphRunner’s features, showcasing its role in elevating post-exploitation strategies. Designed to empower both red team professionals and defenders, this toolset equips users with a means to navigate the intricate Graph API at the heart of M365 and manipulate it for offensive purposes. GraphRunner offers functionalities that aid in lateral movement, data exfiltration, privilege escalation, and persistence within M365 accounts. By offering practical demonstrations of the toolset’s capabilities, this talk aims to bridge the gap between theoretical attack concepts and their tangible real-world application.

Breaching the Cloud w/ Beau Bullock

Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this training course, hacking concepts will be introduced for each of those services.

Tag: Beau Bullock

GraphRunner: A Post-Exploitation Toolset for M365 – Beau Bullock & Steve Borosh

WWHF Pre-Conference Training

Wild West Hackin’ Fest