Overview
Learn how to conduct Azure Active Directory reconnaissance using OSINT tools in this DEF CON 31 conference talk. Discover techniques for gathering intelligence on Fortune 500 organizations' Azure AD implementations through public DNS records and open APIs. Master the use of AADInternals and other open-source tools to identify registered domains, enumerate authentication methods and users, and determine which Microsoft services are being utilized by target organizations. Gain insights into the methods nation-state adversaries employ to identify vulnerable targets within the 90% of Fortune 500 companies using Azure AD. The presentation, delivered by Dr. Nestori Syynimaa at Recon Village in Las Vegas, provides practical demonstrations of OSINT gathering techniques specifically focused on Microsoft cloud service environments.
Syllabus
DEF CON 31 Recon Village - Dr Nestori Syynimaa - Azure AD recon with OSINT tools
Taught by
Recon Village