Abusing AAD Family Refresh Tokens for Unauthorized Access and Persistence (2022) (github.com)