This repo contains a list of known security exploits and misconfigurations for various systems / software produced by BeyondTrust's research team. The repo aims to provide automated scripts to setup and then demonstrate how each exploit / misconfiguration can be used. This is designed to make BeyondTrust's research reproducible, so exploits can be better understood and recreated by a wider audience. The root level folders are organized into 'domains' with subfolders containing specific exploits within that domain.
entra- Entra ID / Azure Active Directoryapps- security misconfigurations that revolve around highly privileged apps in Entra