blog category
Research & Tradecraft
Research & Tradecraft
TL;DR This blog walks you through setting up an ADFS lab using Ludus and/or a flexible...
By: Beyviel David
Dec 19, 2024 • 7 min read
Read Post
Research & Tradecraft
Misconfiguration Manager: Detection Updates
TL;DR: The Misconfiguration Manager DETECT section has been updated with relevant guidance to help defensive operators...
By: joshua prager
Dec 16, 2024 • 7 min read
Read Post
Research & Tradecraft
Attacking Entra Metaverse: Part 1
This is part one in a two (maybe three…) part series regarding attacker tradecraft around the...
By: Daniel Heinsen
Dec 13, 2024 • 8 min read
Read Post
Research & Tradecraft
SPA is for Single-Page Abuse! – Using Single-Page Application Tokens to Enumerate Azure
Author: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies,...
By: Lance B. Cain
Dec 10, 2024 • 9 min read
Read Post
Research & Tradecraft
Azure Key Vault Tradecraft with BARK
Brief This post details the existing and new functions in BARK that support adversarial tradecraft research...
By: Andy Robbins
Nov 20, 2024 • 8 min read
Read Post
Research & Tradecraft
Maestro: Abusing Intune for Lateral Movement Over C2
If I have a command and control (C2) agent on an Intune admin’s workstation, I should...
By: Chris Thompson
Oct 31, 2024 • 13 min read
Read Post
Research & Tradecraft
Maestro: Abusing Intune for Lateral Movement Over C2
By: Chris Thompson
Oct 31, 2024 • 13 min read
Read Post
Research & Tradecraft
TL;DR: BOFHound can now parse Active Directory Certificate Services (AD CS) objects, manually queried from LDAP,...
By: Matt Creel
Oct 30, 2024 • 14 min read
Read Post
Research & Tradecraft
Dotnet Source Generators in 2024 Part 1: Getting Started
Introduction In this blog post, we will cover the basics of a source generator, the major...