Expert research on Azure security, Entra ID, identity threats, privilege escalation, and cloud red-team techniques.
Dissect Microsoft Entra Verified ID from a red team lens — chain of trust, Key Vault keys, DID:web risks, and offensive techniques for assessment.
A colleague showed me Copilot Studio. I went home, spun it up in my own tenant, and spent weeks asking how badly it could go wrong. This is what I found.
Deep dive into federated token exchange mechanisms and security implications in Azure environments.
Proof-of-concept: extract Microsoft Graph tokens from managed identities via federated identity credential injection with Contributor access alone.
This research investigates the security architecture of Azure Key Vault from an offensive perspective, revealing exploitation opportunities in the access control layer.
How attackers chain role assignments, nested group memberships, PIM eligible roles, and application consent grants to elevate privileges in Microsoft Entra ID.
A soft-deleted file in a public blob container leaks a SAS token that exposes an entire file share, cascading into a complete Azure tenant takeover.
How attackers exploit Azure diagnostic settings to disable security logs at the source while keeping metrics flowing, blinding detection pipelines.
BlackCat is an open-source PowerShell module for Azure security assessments that maps its 40+ functions to the MITRE ATT&CK framework.
Research into the security mechanisms protecting Azure Functions authentication keys, revealing encryption implementations and critical bypass vulnerabilities.
ScEntra maps privilege escalation paths in Microsoft Entra ID by analysing role assignments, PIM configurations, and transitive group memberships.
Visualize and analyze privilege escalation paths in Microsoft Entra ID environments with ScEntra.
Fetching articles from the server…
Start typing to search posts…