How to Find MFA Bypasses in Conditional Access Policies

great video. very well-condensed and no needless tangents. so many other people would've made this video 30 mins long. this is perfect, keep it up.

Very informative video. I'm 100% going to be replicating this / testing a couple of scenarios myself. Thank you for sharing this knowledge 👍 Keep up the good work!

Wow, this is great info! Going to share with my team on Monday. Big thanks!

Very well presented and straight to points with demos, nice work!
Shows the importance of a policy which blocks access all operating systems but allows connections from operating systems which you supported, such as iOS, Android, Windows and MacOS. Like the tools you showed and thanks for sharing.
Subscribed.

This is a great video. Appreciate you creating the tool, will def be leveraging tomorrow morning lol.

Hey Beau - Great video! First time I watched your content and I do like it a lot! Skills to pay the bills, keep it rolling. SUBSCRIBED !!!

Solid breakdown, thanks Beau.

Wonderful video, totally an uncommon topic , subbed

Great video, great tool, a great addition to my toolbox! Thanks for the hard work

Yeah, I'm gonna need nobandwidth intro music bro ;)

Amazing video. Exactly what I was looking for.
Subbed

Great video. Please do more mfa hacking and protecting.

Beau - the account that was 'compromised' for your example and that you utilized to do your MFA sweep -- was it elevated at all? any admin permission roles?

Can't find the device emulation mode in my (fully patched) Edge browser. How did you open it? 🤔

Great content as usual 👏👏
what is the best way to perform OPSEC during Azure Pentesting for example!!

Brilliant information! Thank you

Very interesting! Nice video.

Hi! I have built some CA policies that I'm pretty sure are watertight but just wanted to check with this script. However, I get a "Login appears to have failed" on almost all the logins? The Graph API and the Azure mgmt API are the two only ones that give me the green text with "the response indicates MFA is in use"

I want to bypass MFA under trusted IP network. Set conditional access policy and added my IP as trusted ip still facing the MFA prompt.

A great video. Thanks voor sharing.

hehehhe it's WORKING!! :) THANKS!! for creating this powershell script ..liked and subscribed

so if you were to use -UsersPermissionToReadOtherUsersEnabled FALSE , would this keep tools like MFA sweep from getting this info ?

What privileges did the (breached) account hold?

Great video.

Spreadin them sheets 😎

Is there a way to bypass my antivirus? This script contains malicious content and has been blocked by your antivirus software.

Great Video!!

Can you do this in bulk? Instead per user per group per instance

Does not work for me for Import I get a The ampersand (&) character is not allowed.

Thanks for the video and tool. What if the company uses a federation service like Ping/Okta, I assume your tool wouldn't support that as the fields to stuff username / password would be different than MS's login screens

Cool

The title should be clearer that this is for cloud and doesn't apply to Windows Server

Cool