Dr Nestori Syynimaa 

@[email protected]
834 Followers
104 Following
59 Posts
Senior Principal Security Researcher
@microsoft. Ex-Secureworks. (PhD, MSc, MEng, CITP, CCSK).
And yes, opinions are my own ;)
NOT ACTIVE HERE -> https://bsky.app/profile/drazuread.com
Dr Nestori Syynimaa Nov 22, 2023

My talks from October at Microsoft BlueHat, Wild West Hackin' Fest, & Dell Technologies Forum Sweden available at https://aadinternals.com/talks/

Enjoy!

Talks

My talks in different conferences.

Dr Nestori Syynimaa Oct 5, 2023
In this #Microsoft BlueHat talk I'll share some "by design" war stories from me and fellow researchers. The cases demonstrate a scale of different outcomes of "by design" rulings. The purpose is to foster dialogue between Microsoft Security Response Center (MSRC) and researchers to keep us all protected!
👉 https://microsoft.com/bluehat/
BlueHat | Microsoft

Microsoft BlueHat - Bringing offensive and defensive cyber security professionals together to address modern threats.

Microsoft
Dr Nestori Syynimaa Sep 9, 2023

#DEFCON31 recordings are out now!

Link to my talk & slides "From Feature to Weapon - Breaking Microsoft Teams and SharePoint Integrity" available at https://aadinternals.com/talks

Talks

My talks in different conferences.

Dr Nestori Syynimaa Aug 19, 2023

The recording of my #DEFCON31 #ReconVillage talk "Azure AD OSINT" (applies also to Entra ID) is out now: https://www.youtube.com/watch?v=4NpT78zxZEo

Slides 👉 https://aadinternals.com/talks/

DEF CON 31 Recon Village - Dr Nestori Syynimaa - Azure AD recon with OSINT tools

YouTube
Dr Nestori Syynimaa Aug 18, 2023
My #TROOPERS talk on Dumping NTHashes from Azure AD (Entra ID) is out now!
https://www.youtube.com/watch?v=gT8t5A93qMw
TROOPERS23: Dumping NTHashes from Azure AD

YouTube
Dr Nestori Syynimaa Aug 15, 2023

#AADInternals #DEFCON32 edition I demonstrated in my @defcon talk is now available on GitHub and #PowerShellGallery:
â—¾ Spoof SPO, Teams, and OneDrive files
â—¾ Tamper with existing files
â—¾ Nothing is logged

Change log available at: https://aadinternals.com/aadinternals/#version-info

Documentation

AAD Internals PowerShell module

Dr Nestori Syynimaa Aug 13, 2023
Slides of my #DEFCON31 and #ReconVillage talks are available at https://aadinternals.com/talks/#2023
Talks

My talks in different conferences.

Dr Nestori Syynimaa Aug 12, 2023
Confidentiality, availability, and integrity are the three principles of information security. Join my #DEFCON session today (at 12, Track 4) to learn how to break the integrity of #Microsoft #Teams and #SharePoint using built-in migration feature.
I'll demonstrate how a standard user can:
🔹Spoof documents and tamper with existing documents (without any log events)
🔹Perform XSS attacks to break confidentiality, EoP, etc.
Dr Nestori Syynimaa Aug 8, 2023
Are you attending any of those great #AzureAD / #EntraID security related trainings today at #BHUS? Watch out, I might stop by to say hi! Also might bring some #AADInternals stickers 😉
Dr Nestori Syynimaa Aug 6, 2023
I'm in!