Tag: M365
- [$15,000 Bounty] M365 Phish: Power Platform Privilege Escalation and Pivoting (29 Feb 2024)
Exploring the M365 Power Platform as a means of privilege escalation and flexing control over a phishing victim's SharePoint, OneDrive, Outlook, and Microsoft Teams data. - M365 Internal Phish: Abusing the Power Platform for SharePoint/OneDrive Privilege Escalation (13 May 2022)
An internal phishing POC leveraging Microsoft 365 citizen development tools (Power Platform). Phish for access to a target user's OneDrive and all SharePoint sites they own.