Tenant information This Open-source Intelligence (OSINT) tool will extract openly available information for the given tenant. The tool is using APIs mentioned in my previous blog post and in MS Graph API documentation. Domain details is returned only for the 20 first domains. For complete recon information, please use AADInternals PowerShell module. Note: Username requests are now throttled! This service is not meant for monitoring users 🤷‍♂️ Note: CBA status is valid ONLY if email of an existing user is given.

Azure AD Connect Health is a feature that allows viewing the health of on-prem hybrid infrastructure components, including Azure AD Connect and AD FS servers. Health information is gathered by agents installed on each on-prem hybrid server. Since March 2021, also AD FS sign-in events are gathered and sent to Azure AD.

In this write-up (based on a Threat Analysis report by Secureworks), I’ll explain how anyone with a local administrator access to AD FS server (or proxy), can create arbitrary sign-ins events to Azure AD sign-ins log. Moreover, I’ll show how Global Administrators can register fake agents to Azure AD - even for tenants not using AD FS at all.

Microsoft (finally!) announced in April 2019 the support for 8-256 character passwords in Azure AD/Office 365. This limit does not apply to users whose passwords are synced from the on-prem Active Directory (or for federated users). In this blog, I tell how to set insanely long passwords (64K+) also for cloud-only users!

Did you know that you could get a free custom domain for your Office 365 or Azure AD tenant?

Tools for hacking and administering Azure AD & Microsoft 365