Dr Nestori Syynimaa 

@[email protected]
834 Followers
104 Following
59 Posts
Senior Principal Security Researcher
@microsoft. Ex-Secureworks. (PhD, MSc, MEng, CITP, CCSK).
And yes, opinions are my own ;)
NOT ACTIVE HERE -> https://bsky.app/profile/drazuread.com
Dr Nestori Syynimaa Nov 22, 2023

My talks from October at Microsoft BlueHat, Wild West Hackin' Fest, & Dell Technologies Forum Sweden available at https://aadinternals.com/talks/

Enjoy!

Talks

My talks in different conferences.

Dr Nestori Syynimaa Oct 5, 2023
In this #Microsoft BlueHat talk I'll share some "by design" war stories from me and fellow researchers. The cases demonstrate a scale of different outcomes of "by design" rulings. The purpose is to foster dialogue between Microsoft Security Response Center (MSRC) and researchers to keep us all protected!
👉 https://microsoft.com/bluehat/
BlueHat | Microsoft

Microsoft BlueHat - Bringing offensive and defensive cyber security professionals together to address modern threats.

Microsoft
Dr Nestori Syynimaa Sep 9, 2023

#DEFCON31 recordings are out now!

Link to my talk & slides "From Feature to Weapon - Breaking Microsoft Teams and SharePoint Integrity" available at https://aadinternals.com/talks

Talks

My talks in different conferences.

Dr Nestori Syynimaa Aug 19, 2023

The recording of my #DEFCON31 #ReconVillage talk "Azure AD OSINT" (applies also to Entra ID) is out now: https://www.youtube.com/watch?v=4NpT78zxZEo

Slides 👉 https://aadinternals.com/talks/

DEF CON 31 Recon Village - Dr Nestori Syynimaa - Azure AD recon with OSINT tools

YouTube
Dr Nestori Syynimaa Aug 15, 2023

#AADInternals #DEFCON32 edition I demonstrated in my @defcon talk is now available on GitHub and #PowerShellGallery:
â—¾ Spoof SPO, Teams, and OneDrive files
â—¾ Tamper with existing files
â—¾ Nothing is logged

Change log available at: https://aadinternals.com/aadinternals/#version-info

Documentation

AAD Internals PowerShell module

Dr Nestori Syynimaa Aug 12, 2023
Confidentiality, availability, and integrity are the three principles of information security. Join my #DEFCON session today (at 12, Track 4) to learn how to break the integrity of #Microsoft #Teams and #SharePoint using built-in migration feature.
I'll demonstrate how a standard user can:
🔹Spoof documents and tamper with existing documents (without any log events)
🔹Perform XSS attacks to break confidentiality, EoP, etc.
Dr Nestori Syynimaa Aug 8, 2023
Are you attending any of those great #AzureAD / #EntraID security related trainings today at #BHUS? Watch out, I might stop by to say hi! Also might bring some #AADInternals stickers 😉
Dr Nestori Syynimaa Aug 6, 2023
I'm in!
Dr Nestori Syynimaa Jul 2, 2023

I recently spoke at T2 conference on Azure AD Denial-of-Service attacks. The talk was not recorded, so I decided to write a blog about it for those who couldn't attend.

Have fun!
https://aadinternals.com/post/dosingaad/

DoSing Azure AD

My recent talk at the great T2 conference on DoSing Azure AD gained a lot of attention. Unfortunately, the talk was not recorded, so I decided to write a blog for those who couldn’t attend. So here we go!

Dr Nestori Syynimaa Jun 29, 2023

#AADInternals
@WEareTROOPERS
edition OUT NOW at #PowerShell Gallery and GitHub!!

Thanks to
@_dirkjan
for WHfB research & inspiration,
@cnotin
for PR, and
Nevada Romsdahl
&
@nullg0re
&
@santasalojoosua
for helping with AADDS research!

Lots of new stuff:
🔹Export NTHashes from AzureAD 😱
🔹Command line based interactive login
🔹Automatic MFA with OTP
🔹TAP support
🔹Export PRT & Session key from CloudAP cache (with user credentials)
🔹Setting WHfB key
🔹Getting PRT & Session key with WHfB key
🔹PS 7 support 🤞

If/when you find any bugs, please let me know asap (Twitter, GitHub issue/PR, etc.)

Full changelog: https://aadinternals.com/aadinternals/#version-info

Documentation

AAD Internals PowerShell module