See the latest by Daniel Heinsen
Update: Dumping Entra Connect Sync Credentials
TL;DR Microsoft has recently changed how Entra Connect Sync authenticates to Entra ID. This blog post...
By: Daniel Heinsen
Jun 9, 2025 • 10 min read
Read Post
Entra Connect Attacker Tradecraft: Part 2
Now that we know how to add credentials to an on-premises user, lets pose a question:...
By: Daniel Heinsen
Jan 22, 2025 • 11 min read
Read Post
Attacking Entra Metaverse: Part 1
This is part one in a two (maybe three…) part series regarding attacker tradecraft around the...
By: Daniel Heinsen
Dec 13, 2024 • 8 min read
Read Post
An AWS Administrator Identity Crisis: Part 1
BLUF: Every attack path needs a destination. This is a formalized way of describing destinations in...
By: Daniel Heinsen
Jun 28, 2024 • 11 min read
Read Post
Summary: Given that: Temporary Access Passes (TAP) are enabled in the Azure AD tenant AND You...