NicolaAiTM Phishing with Azure FunctionsPoC for an Azure AiTM Function to phish Entra ID credentials and bypass canary token detections.10 min read·Apr 1, 2024----
NicolaHave you heard about passkeys and AAGuids?With the availability of passkeys the FIDO2 standards become more accessible in the form of password managers, web-browsers and (mobile)…6 min read·Dec 1, 2023--2--2
NicolaEnriching Microsoft Sentinel tables with eligible Entra directory rolesMicrosoft 365 Defender and Sentinel provide an IdentityInfo table that contains various information that is helpful for threat hunting and…6 min read·Nov 17, 2023----
NicolaMaintaining Microsoft Sentinel Analytic Rules in JSON and YAML with GitHub ActionsMicrosoft Sentinel Analytic Rules can be shared in both the YAML and ARM format, whereas the ARM format leverages JSON as file type. Within…4 min read·Nov 13, 2023--1--1
NicolaHave you heard of workload identity access token replay?Microsoft recently made the Microsoft Graph Activity Logs available as part of the Microsoft Entra ID diagnostic settings. This means we…6 min read·Nov 8, 2023----
NicolaEntra Connect HardeningAn actionable list of hardening measures for your Entra Connect Sync server’s service accounts.6 min read·Sep 24, 2023----
NicolaWhy you should use Entra Workload Identity FederationMicrosoft Entra Workload Identity Federation is a hidden gem when dealing with app registrations and service principals because it will…5 min read·Sep 7, 2023----
NicolaRetrieving Windows LAPS Azure AD Passwords with PowerShellDid you know that for the new Windows LAPS Azure AD is also maintaining the password history? The built in PowerShell commandlet relies on…3 min read·May 10, 2023----
NicolaProvoking Defender for Identity suspicious certificate usage alertsMicrosoft Defender for Identity (MDI) has announced a new capability to detect suspicious certificate usage for Kerberos…8 min read·Apr 11, 2023----
NicolaYou must not touch my endpoint security settings!Intune Endpoint Security Configuration Settings have become the way to go for configuring security features on various platforms. What did…4 min read·Mar 12, 2023----