Valdemar Carøe
Security Researcher @ SpecterOps
Copenhagen, Denmark
Actions
Security researcher with a passion for dissecting software to understand its inner workings as well as an odd habit of optimizing proof-of-concept code for no apparent reason.
Links
Area of Expertise
Topics
Compromising Entra ID from the on-premises Active Directory in hybrid environments.
Ever more companies are getting acquainted with the cloud, and Entra ID (previously Azure AD) is gaining traction as an alternative to hosting on-premises Active Directory environments. In many cases, companies are not ready to make a definitive jump from on-premises to the cloud, so they opt-in for a hybrid setup, in which both the on-premises Active Directory and the cloud-based Entra ID are intertwined.
As red teamers and penetration testers, it is our duty to keep up with the ever-evolving market of technologies, but unfortunately, techniques and procedures for compromising an Entra ID environment (in a hybrid setup) are scarce and often poorly documented.
In this talk, I will shed light on how the on-premises Active Directory environment in a hybrid setup can often lead to a compromise of the Entra ID cloud environment.
I will demonstrate various Entra ID misconfigurations and attacks that I have personally seen and used in real engagements.
Catching Credential Guard Off Guard
Dive into the nitty gritty of how NTLM, Kerberos, Credential Guard and various security protocols for RDP works - and learn how to weaponize this information to bypass Credential Guard and accomplish credential dumping on modern systems with contemporary security features enabled.
Valdemar Carøe
Security Researcher @ SpecterOps
Copenhagen, Denmark
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top