# MAAD-AF Trusted IP Modification

This module allows an attacker to add their own, or any other, IP as a trusted 
IP within Azure AD. This can allow an attacker to get past any IP-based 
conditional access policies, potentially granting access to more resources.

## Module Overview - DRAFT

**NOTE FOR ENABLEMENT TEAM:** May need to iidentify a common format for lab
users to use for their trusted IP policy, e.g., "Vectra-XXXXXX"

1. From the main MAAD-AF Attack Arsenal menu, select `3` for `Modify Trusted IP
   Config for Easier Access`.  Read through the MITRE information, and press
   `<Enter>` to continue.

2. Enter a name for the trusted network policy.

3. Enter an IP address for the trusted network policy to use.  Simply pressing
   `<Enter>` here, as prompted, would cause MAAD-AF to automatically use the IP
   the user is connected from as a trusted IP.

   For the purposes of this lab, press `<Enter>`.

4. MAAD-AF will deploy the trusted network policy with the IP address(es)
   specified as trusted.

   ![MAAD Trusted Network Policy](images/maad_trusted_network_policy.png)

5. MAAD-AF will prompt the user to undo the actions just created.  Select `No`
   for the purposes of this exercise.

## Validation

Note the exact name of the trusted network policy which was just created.