Sapir’s failed research blog

Tag: microsoft

24 בMay 2025

The new Dmsa Vuln for people who don’t know what Dmsa is

I just wanted to play with the new dmsa vulnerability too

AD

activedirectory, dmsa, microsoft, security, vulnerability
20 בMay 2025

Mini quest with Sync API

A mini quest discovering new things for me but old things for roadrecon (:

Azure

Azure, AzureAD, cloud, entra-id, microsoft, security
14 בFebruary 2025

Playing Around with Entra APIs

Just a small experiment to see what shows up (and what doesn’t) in Entra logs when using undocumented APIs. I poked around some lesser-known endpoints, checked how they interact with GraphActivityLog, and tried to understand where things might leave a trace. Nothing groundbreaking—just a fun research session with some interesting findings! :)

Azure

Azure, cloud, microsoft, security
14 בNovember 2024

Entra Sign-In logs hidden gems

This short post is here to raise awareness about some super useful fields in the sign-in logs. We all know how essential these logs are—if you want to get things done in the cloud, it usually starts with a user :) and that means a sign-in!

Azure

Azure, AzureAD, cloud, cybersecurity, Entra, Logs, microsoft, security, Sign-In