Talks
| Title | Event | Slides | Video | |
|---|---|---|---|---|
| I SPy: Rethinking Entra ID Research for New Paths to GA | fwd:cloudsec 2025 | Slides | YouTube | |
| Persisting Unseen: Attacker Methods of Infesting Entra ID | RSAC Cloud Seminar | Slides | YouTube | |
| Abusing AUs, Confusing the SOC: Entra ID’s AU Attack Paths | SO-CON 2025 | Slides | YouTube | |
| Cloud Incident Response in Microsoft Azure | Cloud Security Podcast | N/A | YouTube | |
| Azure Security Assessments w/ Resource Graph Explorer | Cloud Security Podcast | N/A | YouTube | |
| Hidden in Plain Sight: (Ab)using Entra’s AUs | BSides Toronto 2024 | Slides | YouTube | |
| Hidden in Plain Sight: (Ab)using Entra’s AUs | fwd:cloudsec EU 2024 | Slides | YouTube | |
| Azure And The (Mis) Storage Of Secrets | BSides Toronto 2022 | Slides | YouTube | |
| A Quick Jaunt Through Active Directory Hacking | WiCyS NYC, Jan 2020 | Slides | N/A | |
| Tips for Crushing CTFs & Pwning Pentests | KringleCon 2019 | Slides | YouTube | |
| Realistic Strategies for AD Security & Red Forest | RSA 2019 | Slides | YouTube | |
| Sneaking Secrets from SMB Shares | KringleCon 2018 | Slides | YouTube | |
| Voyages of the Security-Driven Enterprise | OWASP BASC 2018 | Slides | N/A | |
| Investigating RF Controls with the RTL-SDR | BSides NYC 2018 | Slides | Vimeo | |
| Investigating RF Controls with the RTL-SDR | SANS HackFest 2017 | Slides | N/A | |
| SMTP Security & History | Layer One 2017 | Slides | YouTube |
External Publications
| Link | Source |
|---|---|
| Creating immutable users through a bug in Entra ID restricted administrative units | Datadog Security Labs |
| Escalating privileges to read secrets with Azure Key Vault access policies | Datadog Security Labs |
| Hidden in Plain Sight: Abusing Entra ID Administrative Units for Sticky Persistence | Datadog Security Labs |