🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Created an interactive web version of EntraFIDOFinder now too as well as updated the module. Made a quick blog post it, let me know your thoughts. clatent.com/2024/10/entraf… #PowerShell #MicrosoftEntra #Security

I propose that CyberRisk Alliance would better serve their speakers if they didn’t give out speaker contact information to vendors. It takes a lot of time to prepare for big conferences… and the payment is “sorry we missed you” spam from vendors 🙄

To those people attending your session that nod along and smile and seem to understand what you’re talking about - 🫡

Redmond bound for Microsoft BlueHat, co-presenting with Cam “The Two Sides of UnOAuthorized” 😎 It will be my sixth trip out to the PNW - one of my favorite parts of the country to visit, so I’m excited for many reasons!

En route to #HIPConf24, where I’ll be presenting on #UnOauthorized, as well as joining a panel with Thomas Naunheim, Gil Kirkpatrick, Guido Grillenmeier and Sean Deuby on workload identities, and having some good hallway conversations. Looking forward to seeing folks! #Entra #infosec

A quick debriefing with Eric Woodruff | MVP | CIDPRO, Karl, and Thomas Naunheim after Hybrid Identity Protection at Crescent City Brew 🍻

Still hard to not laugh when you see things like this in a #Entra tenant 😅

For those that *really* miss the old AAD portal: rc-aad.portal.azure.com/#view/Microsof… #Entra #EntraID

Curious about the sessions you missed at #RomHack2024 this year? Here you go: Eric Woodruff | MVP | CIDPRO - UnOAuthorized: The discovered path to privilege elevation Find a schedule that works for you and start watching 👉 youtube.com/watch?v=JQOVPA…

Device-bound #passkeys in #EntraID are finally GA aka.ms/Ignite2024/ent… #AiTM #Security #FIDO2

M'm glad to release the tool I have been working hard on the last month: #KrbRelayEx A Kerberos relay & forwarder for MiTM attacks! >Relays Kerberos AP-REQ tickets >Manages multiple SMB consoles >Works on Win& Linux with .NET 8.0 >... GitHub: github.com/decoder-it/Krb…

Wednesday, December 11th, Trimarc Active Directory Security Assessment Service Lead Jake Hildreth joins the Antisyphon Training crew for a free one-hour #infosec training session on: 🔒 Finding and Fixing AD CS Issues with Locksmith Jake will cover the essentials of Public Key

New #AADInternals version is finally out now: ▪ Moved endpoint related stuff to new module: AADInternals-Endpoints ▪ Added blue team stuff: Get app consent info, find backdoors, convert SID<>Entra ID Object ID, find abusable dynamic groups ▪ Added red team stuff: Get ESTSAUTH

I finished my talk at BHEU! The attack methods and techniques shared in the talk are not a great deal, but I hope this serves as an opportunity to draw attention to the importance of security measures for Intune. Here is the tool released for the talk. github.com/secureworks/py…

Check out this new blog post from Andy Robbins discussing the fundamental components & mechanics that enable the emergence of critical Attack Paths in Microsoft's increasingly popular Intune product. ⬇️ ghst.ly/3Cd5cwH

If you consume multi-tenant apps in #EntraID, and they’ve been granted consent to do things in your tenant, you can spy on the auth choices your vendor makes - secrets or certs - in the logs available in your #Entra tenant. #infosec #azure #m365 ericonidentity.com/2025/01/13/spy…

If you work in, around, near, adjacent, or so on, to #identity, including #infosec and #Entra, you should fill out the #IDPro skills survey. It takes five minutes and really helps in understanding the industry landscape. surveymonkey.com/r/L9QB6T2