./Alec Maly's Tech Blog

Tag: PowerApps [2]

[$15,000 Bounty] M365 Phish: Power Platform Privilege Escalation and Pivoting (Feb 29, 2024)
Exploring the M365 Power Platform as a means of privilege escalation and flexing control over a phishing victim's SharePoint, OneDrive, Outlook, and Microsoft Teams data.
Scanning and Hooking Dynamic, Client-Side Data in Modern Web Applications (Nov 22, 2021)
Scanning the DOM for interesting data + hooking getters/setters. Demonstrating POC w/ a PowerApps example.

All Tags

Web (10) Hacking (10) POC (10) JavaScript (7) BugReports (5) reverse-engineering (4) Cloud (4) BugBounty (4) Debugging (3) Browser (3) Development (2) Electronjs (2) Joplin (2) TypeScript (2) SharePoint (2) Chromium (2) Game-Hacking (2) Tutorial (2) Security (2) XSS (2) PowerApps (2) Microsoft (2) Power-Platform (2) Privilege-Escalation (2) Browser-Extension (2) Credential-Dumping (2) Microsoft-Edge (1) Electron.js (1) Race-Condition (1) Unity (1) Blender (1) Payment-Gateway (1) Paypal (1) Dynamic-Testing (1) PowerShell (1) WinDbg (1) WinDbg-Preview (1) x32dbg (1) x64dbg (1) mona.py (1) pykd (1) Android (1) Frida (1) BurpSuite (1) .apk (1) Java (1) linux (1) il2cpp (1) adb (1) mobile (1) Wordpress (1) Email (1) Oracle (1) VPS (1) GraphQL (1) HackerOne (1) Pentesting (1) Python (1) CTF (1) Image-Manipulation (1) M365-Services (1) Phishing (1) Google-Maps (1) Optimization (1) CodeQL (1) BugCrowd (1) ExpressVPN (1) Power-Automate (1) M365 (1) Outlook (1) OneDrive (1) Microsoft-Teams (1) AWS (1) CodeBuild (1) Azure-DevOps (1) CICD (1) GitHub (1) TextMeshPro (1) Injection (1) C# (1)