Search for a command to run...
An in-depth look at proxy phishing and AiTM attacks, adversary operations and SOC detection, containment and prevention strategies.
This article is coming 20/10/2025. Keep an eye out, and subscribe to the blog to be announced.
Enjoyed this article? Consider reading: Bypassing Microsoft Intune Compliant Device Conditional Access Requirements Using TokenSmith.
No comments yet. Be the first to comment.
Designing a Resilient Linux Application Stack on Windows Infrastructure.
A deep dive on ClickFix, mapping fake CAPTCHA lures to endpoint code execution, covering investigation, response, and preventative controls.
Overview. Prerequisites. Join types. LAPS is only supported on: Microsoft Entra joined devices. Microsoft Entra hybrid joined devices. Microsoft Entra registered devices are not supported. License requirements. LAPS is available to all customers ...
A complete analysis of a compromised identity in Microsoft 365, covering key tactics, techniques, and procedures.
Streamlining Level RMM deployment across Windows devices using PowerShell and a Microsoft Intune deployment script.
Ciaran Doherty's SecOps Blog
24 posts