Entra ID support + AU techniques

[siigil]

What does this PR do?

• Adds "Scoped Role Assignment Through HiddenMembership AU" technique (azure.persistence.hidden-au)
• Adds "Restricted Backdoor Account Through Restricted Management AU" technique (azure.persistence.restricted-au)
• Uses existing azidentity methods in Azure provider for authentication to Microsoft Graph
• Uses msgraph-sdk-go, msgraph-beta-sdk-go, and msgraph-sdk-go-core for Microsoft Graph activities
• kiota dependencies introduced through msgraph-sdk-go usage

Motivation

• Through research into Entra ID Administrative Units (AUs), methods to utilize AUs for privileged persistence were identified. Details on the workflow and impact can be found in documentation below, with further details upcoming in a blog + fwd:cloudsec talk.

Checklist

• The attack technique emulates a single attack step, not a full attack chain
• We have factual evidence & references that the attack technique was used by real malware, pentesters, or attackers
  -- Attack technique is based on upcoming research, but has not been observed in the wild
• The attack technique makes no assumption about the state of the environment prior to warming it up

[christophetd]

will add a bit of context to the attacks markdown and need to retest hidden-au

[christophetd]

closes #451

[christophetd]

@siigil feel free to review the 2 attack techniques I pushed

[siigil]

To document, I've reviewed the techniques @christophetd added and approve they look good + work on my system.
(Comment in place of formal approval, as I can't since I'm PR author.)