EntraID (Azure Active Directory)

• ROADtools - A collection of Azure AD tools for offensive and defensive security purposes.
• TokenTactics - Azure JWT Token Manipulation Toolset.
• AzureAD-Attack-Defense - This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
• BadZure - BadZure orchestrates the setup of Azure Active Directory tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.
• AADInternals - The ultimate Azure AD / Microsoft 365 hacking and admin toolkit.