John Jiang

20 posts

@SecurityThunder

Researcher/UCCU Hacker Co-founder/HackerPeanutJohn

Taiwan · Joined October 2017
213 Following · 78 Followers
John Jiang retweeted
EZ@IAMERICAbooted·
Here's my top 20 weaknesses in M365 based on experience consulting. I've seen most of these everywhere in varying mixtures. Public groups have been a problem in all but one org I've worked with.
1. Public Groups expose sensitive data
2. Upload from unmanaged devices
3. Download from unmanaged devices
4. Lack of CAPs to block device code phishing
5. Lack of CAPs and configurations to mitigate AITM
6. OneDrive sync allowed from unmanaged devices
7. Ability to sync cloud storage to other 3rd party drives and vice versa
8. Anyone links in OneDrive and SharePoint
9. Legacy SharePoint IRM on sites and document libraries and Teams (classic) sites
10. Non-existent App Governance
11. Lack of governance or data security on Power Platform Connectors
12. Lack of license by request for Power Platform Apps
13. Teams apps sprawl
14. Anon users allowed to chat in Teams
15. Excessive API permissions in vendor apps
16. Ungoverned 3rd party AI
17. Lack of DLP on Microsoft Cloud Services
18. Lack of Safe Links in Office 365 apps aside from email
19. Lack of Safe Attachments in M365 apps outside email
20. Lack of phishing resistant authn
%TEMP%@TEMP43487580·
@SecurityThunder learned how to make a meme from your talk at Troopers😂
John Jiang retweeted
%TEMP%@TEMP43487580·
I just started a new blog, and this is my first post. I took a bit of PTO, so this is a little record of some fun I had playing around with Intune during that time. It's about enrollment restriction bypass😄 temp43487580.github.io/intune/bypass-…
John Jiang@SecurityThunder·
Just wrapped up our talk at DEF CON 33! Wandering around after my talk, and people are still coming up to recommend listening to our research! It's the greatest affirmation for a researcher. #DEFCON
John Jiang retweeted
Kazma@kazma_tw·
First international talk — at @WEareTROOPERS! Saw views from my history textbook, and met legends I used to only see on the internet.🫡 Big thanks to my best research partner, my mentor @SecurityThunder, and everyone who showed up to hype me up 🔥
John Jiang retweeted
CyCraft Technology@cycraft_corp·
We observed an attacker #VPN directly into an internal network to bypass preventive security & then create a digital skeleton key to gain admin access across the entire network. Is your #remotework force secure? Read our full analysis >> ow.ly/mKa950zgD2c
John Jiang retweeted
x0rz@x0rz·
This is exactly why recovery from APT is difficult: they have multiple vantage points to get inside your network once they're in; lateral movement is deadly. slideshare.net/FrodeHommedal/… by @FrodeHommedal
John Jiang@SecurityThunder·
@maridegrazia Thx, I'll let you know when the translation is published.
John Jiang@SecurityThunder·
@maridegrazia It's awesome. May I translate the post to Traditional Chinese? I want to share it with more people.