writeups.xyz writeups.xyz / Joosua Santasalo (@SantasaloJoosua)

Title Vulnerabilities Programs Authors
Azure Monitor – Malicious KQL Query
Gaining Unlimited access to graph AuditLogs endpoint using complex filters with non-privileged user account
MSRC – Joint security research write up – Azure AD Consent bypass disclosure with Kim Jamia – Q1/2022