Detecting GraphStrike’s Achilles heel with KQL
Some time ago, I stumbled upon an interesting blog post by Alex Reid, writing about the development process of an offensive tool called “GraphStrike”. The concept of this offensive tool is quite simple – this tool is a C2 beacon that routes its traffic over Microsoft’s Graph API. This kind of traffic is quite stealthy…