Immich Deployment on Windows Server Using Docker, WSL, and SMB-Based Persistent StorageFeb 22, 2026·15 min read·8
PinnedInteractive Microsoft Sentinel Incident Notifications in Teams via an Azure Logic App Using Adaptive Cards.Security teams need fast, structured, and contextual alerts. This guide shows how to deliver Sentinel incidents to Teams using Logic Apps.Jun 12, 2025·4 min read·314
LAPS: The Local Administrator Password Solution For Windows Devices In Entra ID.Nov 30, 2025·2 min read·7
Deploying Level RMM Using A Microsoft Intune Platform Script.Streamlining Level RMM deployment across Windows devices using PowerShell and a Microsoft Intune deployment script.Nov 30, 2025·3 min read·20
Attack Simulation Training - Microsoft Defender for Office 365 (MDO)A Practical Walkthrough of Simulated Phishing and Behavioural Training in Microsoft Defender for Office 365 (MDO).Nov 16, 2025·10 min read·189
Bypassing Microsoft Intune Compliant Device Conditional Access Requirements Using TokenSmithHow adversaries exploit Intune’s Company Portal to obtain access tokens and bypass Microsoft’s compliant device conditional access controls.Oct 18, 2025·1 min read·15
How Adversaries Execute AiTM Phishing Campaigns (A Practical Demonstration Using Evilginx3)An in-depth look at proxy phishing and AiTM attacks, adversary operations and SOC detection, containment and prevention strategies.Oct 18, 2025·1 min read·8
Auditing Microsoft Entra Authentication Methods with Microsoft Sentinel and Azure Logic AppsA practical guide to collecting and analysing user authentication method data with Microsoft Graph, Azure Logic Apps, and Microsoft Sentinel.Oct 16, 2025·11 min read·135
Automating Azure NSG Inbound Rules for Dynamic IPs Using DDNS and PowerShell RunbooksMaintain Azure NSG inbound security rules with a changing source public IP using a PowerShell Runbook and Dynamic DNS in Azure Automation.Oct 16, 2025·8 min read·82
