blog category
Research & Tradecraft
Research & Tradecraft
SlackPirate Set Sails Again! Or: How to Send the Entire “Bee Movie” Script to Your Friends in Slack
TLDR: SlackPirate has been defunct for a few years due to a breaking change in how...
By: Daniel Mayer
Jan 31, 2025 • 7 min read
Read Post
Research & Tradecraft
Entra Connect Attacker Tradecraft: Part 2
Now that we know how to add credentials to an on-premises user, lets pose a question:...
By: Daniel Heinsen
Jan 22, 2025 • 11 min read
Read Post
Research & Tradecraft
Intune Attack Paths — Part 1 Prior Work Several people have recently produced high-quality work around Intune tradecraft. I...
By: Andy Robbins
Jan 15, 2025 • 21 min read
Read Post
Research & Tradecraft
On Detection: Tactical to Functional Why it is Difficult to Say What a Tool Does Introduction Over...
By: Jared Atkinson
Jan 13, 2025 • 17 min read
Read Post
Research & Tradecraft
Part 15: Function Type Categories
On Detection: Tactical to Functional Seven Ways to View API Functions Introduction Welcome back to Part...
By: Jared Atkinson
Jan 7, 2025 • 24 min read
Read Post
Research & Tradecraft
ADFS — Living in the Legacy of DRS
ADFS — Living in the Legacy of DRS It’s no secret that Microsoft have been trying to move customers...
By: Adam Chester
Jan 7, 2025 • 32 min read
Read Post
Research & Tradecraft
TL;DR This blog walks you through setting up an ADFS lab using Ludus and/or a flexible...
By: beyviel david
Dec 19, 2024 • 7 min read
Read Post
Research & Tradecraft
Misconfiguration Manager: Detection Updates
TL;DR: The Misconfiguration Manager DETECT section has been updated with relevant guidance to help defensive operators...
By: joshua prager
Dec 16, 2024 • 7 min read
Read Post
Research & Tradecraft
Attacking Entra Metaverse: Part 1
This is part one in a two (maybe three…) part series regarding attacker tradecraft around the...