diff --git a/Methodology and Resources/Cloud - Azure Pentest.md b/Methodology and Resources/Cloud - Azure Pentest.md index d6721d2..1c1ad9f 100644 --- a/Methodology and Resources/Cloud - Azure Pentest.md +++ b/Methodology and Resources/Cloud - Azure Pentest.md @@ -948,12 +948,19 @@ cat | Select-String password ```powershell # Enumerate application that have Proxy -PS C:\Tools> Get-AzureADApplication | %{try{GetAzureADApplicationProxyApplication -ObjectId $_.ObjectID;$_.DisplayName;$_.ObjectID}catch{}} +PS C:\Tools> Get-AzureADApplication -All $true | %{try{GetAzureADApplicationProxyApplication -ObjectId $_.ObjectID;$_.DisplayName;$_.ObjectID}catch{}} PS C:\Tools> Get-AzureADServicePrincipal -All $true | ?{$_.DisplayName -eq "Finance Management System"} PS C:\Tools> . C:\Tools\GetApplicationProxyAssignedUsersAndGroups.ps1 PS C:\Tools> Get-ApplicationProxyAssignedUsersAndGroups -ObjectId ``` - + +## Application Endpoint +```powershell +# Enumerate possible endpoints for applications starting/ending with PREFIX +PS C:\Tools> Get-AzureADServicePrincipal -All $true -Filter "startswith(displayName,'PREFIX')" | % {$_.ReplyUrls} +PS C:\Tools> Get-AzureADApplication -All $true -Filter "endswith(displayName,'PREFIX')" | Select-Object ReplyUrls,WwwHomePage,HomePage +``` + ## Conditional Access * Bypassing conditional access by copying User-Agent (Chrome Dev Tool > Select iPad Pro, etc)
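Review bot: In the changed proxy-enumeration line, `GetAzureADApplicationProxyApplication` is still missing the hyphen after `Get`, and because the call sits inside `try{...}catch{}` the command-not-found error is swallowed, so the one-liner prints nothing for every application, with or without `-All $true`. Suggest correcting it to `Get-AzureADApplicationProxyApplication` in this same change. In the new Application Endpoint block, the second command filters with `endswith(displayName,'PREFIX')`; a separate placeholder such as `SUFFIX` there would match the comment's "starting/ending" wording and avoid readers pasting a prefix into an `endswith` filter.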