REGISTER to join us in Charleston for the Hybrid Identity Protection Conference — October 7-9
Back to blogs listing

Hybrid Identity Protection

Categories

Chat with an expert

Modernize your AD

Request Demo

Download Purple Knight

Free Active Directory Security Assessment

Read more
EntraGoat Scenario 6: Exploiting Certificate-Based Authentication to Impersonate Global Admin in Entra ID

EntraGoat Scenario 6: Exploiting Certificate-Based Authentication to Impersonate Global Admin in Entra ID

  • Jonathan Elkabas and Tomer Nahum
  • Aug 12, 2025

Editor’s note This scenario is part of a series of examples demonstrating the use of EntraGoat, our Entra ID simulation environment. You can read an overview of EntraGoat and its value here. Certificate Bypass Authority–Root Access Granted EntraGoat Scenario 6 details a privilege escalation technique in Microsoft Entra ID where…

EntraGoat Scenario 2: Exploiting App-Only Graph Permissions in Entra ID

EntraGoat Scenario 2: Exploiting App-Only Graph Permissions in Entra ID

  • Jonathan Elkabas and Tomer Nahum
  • Aug 05, 2025

In our second EntraGoat attack scenario, follow the steps from a carelessly leaked certificate to capture the Global Admin password—and full Entra ID compromise.

EntraGoat Scenario 1: Service Principal Ownership Abuse in Entra ID

EntraGoat Scenario 1: Service Principal Ownership Abuse in Entra ID

  • Jonathan Elkabas and Tomer Nahum
  • Aug 05, 2025

How can a compromised low-privileged user account exploit service principal ownership—and complete an Entra ID tenant takeover? Find out when you dive into EntraGoat Scenario 1.

Getting Started with EntraGoat: Breaking Entra ID the Smart Way

Getting Started with EntraGoat: Breaking Entra ID the Smart Way

  • Jonathan Elkabas and Tomer Nahum
  • Aug 04, 2025

Ready to jump in and get your hooves dirty in EntraGoat? Start here. These quick-start steps will get you into your first attack scenario.

What Is EntraGoat? A Deliberately Vulnerable Entra ID Simulation Environment

What Is EntraGoat? A Deliberately Vulnerable Entra ID Simulation Environment

  • Jonathan Elkabas and Tomer Nahum
  • Aug 04, 2025

What’s the best way to build cyber resilience? Practice! Meet EntraGoat, your safe space for hands-on, CTF-style learning. Track attack paths, hunt down identity misconfigurations, and expose access control flaws—while building resilience against real-world threats.

Understanding Identity Security Posture: See the Big Picture of Your Hybrid Environment

Understanding Identity Security Posture: See the Big Picture of Your Hybrid Environment

  • Sean Deuby | Principal Technologist, Americas
  • Jun 27, 2025

Pursuing cybersecurity maturity requires more than flipping a switch. To maintain a strong identity security posture, start by taking a broader look at the complex factors affecting your identity ecosystem.

Microsoft Entra Connect Compromise Explained

Microsoft Entra Connect Compromise Explained

  • Huy Kha | Senior Identity & Security Architect
  • Mar 28, 2025

In hybrid identity environments, attackers that manage to breach either the on-premises Active Directory or cloud-based Entra ID typically attempt to expand their reach throughout your identity environment. If your identity infrastructure includes Entra ID, make sure you understand how to detect and defend against Entra Connect compromise. What is…

Introduction to Identity Forensics & Incident Response (IFIR)

Introduction to Identity Forensics & Incident Response (IFIR)

  • Huy Kha | Senior Identity & Security Architect
  • Mar 21, 2025

From my experience at Microsoft Detection and Response Team (DART), I know that ransomware operators almost always target high-privileged identities. Once attackers gain control, they use those identities to spread ransomware; for example, through Group Policy or PsExec. Ransomware attacks are usually loud and destructive, aiming to cause maximum impact…