Join us at our #TISummit and engross yourself in the unique vulnerability findings by Secureworks' distinguished Microsoft Most Valuable Researchers (MVRs) Dr. Nestori Syynimaa, Joosua Santasalo, Tony Gore Don’t miss the opportunity! bit.ly/3PzVcjN

Just to be a fly on the wall at Secureworks #TISummit23 listening to these Microsoft Most Valuable Researchers and glean nuggets from them is a win! Joosua Santasalo Dr. Nestori Syynimaa Tony Gore

Had a blast in Seattle this week attending Microsoft BlueHat . Got to finally meet my teammate Dr. Nestori Syynimaa in person and got to meet some really cool people. Thanks Microsoft Microsoft Security Response Center for having me out there! Great talks and great conversations! Here’s to next year! 🍻

Dcsync without triggering traditional alerts? nullg0re.com/2023/09/hijack…

Low Severity / by-design issue that can be abused in interesting ways. Going from Pass-The-PRT to AzureHound collection and more... nullg0re.com/2023/09/device…

Semper Fi Marines and Happy Veterans Day to all the veterans today. Here’s a picture of me (far left) standing with (IIRC) the governor of New York, and an Operation Iraqi Freedom Marine veteran who needed 13 facial reconstruction surgeries just to be in the photo. He was

Earlier this year I made the Top 100 2023 Microsoft Most Valuable Researcher list! Thanks Security Response for sending out the swag! Just in time for the holidays!

Vulnerability Hunting with ChatGPT nullg0re.com/2023/12/automa…

Entra ID Connect Arbitrary Password Overwrite nullg0re.com/2024/01/entra-…

Oh! This is cool! I placed in the top 10 of hackers / researchers world wide in the Microsoft Security Response Center Q4 Leaderboard with 325 points! And top 5 in the Azure specific leaderboard! Special shoutout to my teammates (past and present) Dr. Nestori Syynimaa Joosua Santasalo for helping me level

Spent some time in Azure Machine Learning Studio and identified some areas to keep in mind when using the environment. Nothing groundbreaking, but definitely a reminder of why security needs to be more involved with the explosion of AI infrastructure / needs:

Performed some research with my teammate Joosua Santasalo regarding Multi-Tenant Application Redirect URIs. Turns out, in some cases, they can be taken over and used to steal Azure Authorization Code's (OAuth2.0 Auth Code Flow): secureworks.com/research/azure…

Episode 1 w/ Tony Gore, of my new podcast 'whoami' is now live on spotify and youtube! On whoami, I'm talking with great hackers to find out how they got into hacking and dig into their area of expertise. Check it out: youtu.be/rE2eBnE1LtA open.spotify.com/show/76RZgAzX2…

How to combine Responder w/ Evilgnx2 for privilege escalation and lateral movement in Passwordless, MFA and/or Zero Trust Environments: (Technique discovered by Nevada in 2023)) nullg0re.com/2024/05/cracki…

Permissive Avere Contributor Role Allows for VM Credential Dumping. Secureworks Threat Analysis: secureworks.com/research/permi… Nullg0re Blog (More personalized analysis): nullg0re.com/2024/03/permis…

I placed 30th in the top 100 Most Valuable Researcher leaderboard!! Special thanks to Microsoft Security Response Center for putting on these events year after year!

This was my last research project while working for Secureworks. I’ve taken a new role at CrowdStrike but I am still proud of the work I did with my Secureworks fam. PTAL: Cloud to on-prem (and multi-cloud) lateral movement: secureworks.com/research/log-a…