└── README.md


/README.md:
--------------------------------------------------------------------------------
 1 | 
 2 | ![IMG_6146](https://user-images.githubusercontent.com/25904307/104650994-55000280-56b7-11eb-978f-eb47afa21ce5.JPG)
 3 | 
 4 | # Where To Go with account in the corporate environment.
 5 | Due to security assessments of different projects, I found different leaked/exposed accounts on the domain of the organization. But every time it was so difficult to discover the place where I can reuse those credentials and how can I expand my attack surface. 
 6 | I started collecting a list of popular technological services which might have high value in case of improper access. This project should help researchers, pentesters, bounty-hunters to expand the risks of compromised accounts in the corporate environment.
 7 |   
 8 |  
 9 | # 
10 | Service Name | Trusted login providers
11 | ------------ | -------------
12 | [Gitlab](https://gitlab.com/users/sign_in) | Google, Salesforce, Github, Bitbucket, Twitter
13 | [Travis CI](https://travis-ci.com/signin) | Github, Bitbucket, Gitlab, Assembla
14 | [Grafana](https://grafana.com/login) | Google, Github, Microsoft
15 | [Sentry](https://sentry.io/auth/login/) | Google, Github, Azure DevOps
16 | [Slack](https://slack.com/signin#/signin) | Google
17 | [Raygun](https://app.raygun.com/) | Github, Twitter, Facebook, Google
18 | [Datadog](https://app.datadoghq.com/) | Google
19 | [Atlassian](https://www.atlassian.com/) | Google, Microsoft, Apple
20 | [Trello](https://trello.com/login) | Google, Microsoft, Apple
21 | [Trailblazer](https://trailblazers.salesforce.com/) | Salesforce
22 | [Bitbucket](https://bitbucket.org/product) | Google, Microsoft, Apple
23 | [Elastic Cloud](https://cloud.elastic.co/) | Google, Microsoft
24 | [Netdata Cloud](https://app.netdata.cloud/) | Google, Github
25 | [Jetbrains](https://hub.jetbrains.com/) | Bitbucket
26 | [Box](https://account.box.com/login) | Google
27 | [Skype](https://go.skype.com/sfw) | Microsoft
28 | [Dropbox](https://www.dropbox.com/) | Google, Apple
29 | [Auth0](https://auth0.com/) | Github, Google, Linkedin, Microsoft
30 | [Miro](https://miro.com/login/) | Google, Facebook, Slack, Office365, Apple
31 | [Salesforce](http://salesforce.com) | -
32 | [GitHub](http://github.com) | -
33 | [Eclipse](https://accounts.eclipse.org/) | -
34 | [Docusign](https://account.docusign.com/) | -
35 | [Dynatrace](https://sso.dynatrace.com/) | -
36 | [Tenera](https://app.tenera.io/) | -
37 | [Docker](http://hub.docker.com/sso/start)| -
38 | [New Relic](https://newrelic.com/) | -
39 | [Hotjar](https://insights.hotjar.com/login) | Google
40 | [Splunk](https://www.splunk.com/) | -
41 | [Outlook](https://www.office.com/) | -
42 | [Azure](https://portal.azure.com/) | Github
43 | [AWS](https://console.aws.amazon.com/console/) | -
44 | [Pivotal Tracker](https://www.pivotaltracker.com/signin) | Google
45 | [Jamf](https://www.jamf.com/login/) | -
46 | [JumpCloud](https://console.jumpcloud.com/login) | -
47 | 
48 | 
49 | 
50 | 
51 | ##### ⚠️ Disclaimer The authors of this document take no responsibility for correctness. This project is merely here to help guide security researchers towards determining whether something is vulnerable or not, but does not guarantee accuracy. This project heavily relies on contributions from the public. The information included at this page is for educational purposes. 
52 | 


--------------------------------------------------------------------------------