Technical Writing

Tech Blog

Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.

28 Apr 2025 · 12 min read · microsoft · intune

OuttaTune: Bypassing Conditional Access in Microsoft Intune

Exposing how Microsoft Intune's device filtering can be trivially bypassed to evade Conditional Access controls.

14 Apr 2025 · 6 min read · identity · conditional-access

InsomniHack & Entra Hybrid - Attack & Defence Mind Map : It's easier to attack than you think

Entra and Entra Hybrid has a huge attack surface and you're likely not even remotely aware of how easy it is to attack undetected.

26 Feb 2025 · 18 min read · microsoft · azure

SilentReaper: Undetectable Azure Control Plane Data Harvest

Exposing how control plane exploits in Microsoft’s iPaaS services enable silent data harvesting from workflows and secrets.

26 Feb 2025 · 20 min read · microsoft · azure

VaultRecon: An Azure Control Plane/Data Plane Isolation Flaw

How Microsoft's Isolation of Control Plane and Data Plane for Key Vault is flawed

25 Feb 2025 · 1 min read · cloud · cybersecurity

All You Need Is Read! Announcing 2x Cloud Service Provider Information Disclosure Vulnerabilities!

Less than 24 hours until my YouTube Livestream where I’m publicly disclosing my security research on two public cloud vulnerabilities that the vendor says aren’t vulnerabilities! Come join me on Wednesday at 19:00 GMT …

10 Feb 2025 · 1 min read · cloud · cybersecurity

Announcing 2x Cloud Service Provider Information Disclosure Vulnerabilities!

Less than 72 hours until my YouTube Livestream where I’m publicly disclosing my security research on two public cloud vulnerabilities that the vendor says aren’t vulnerabilities! Come join me on Wednesday at 19:00 GMT …