Projects & Research

Tools, Research & Open Source

Security research, open source tooling, and experimental projects. Built to explore, understand, and solve real problems.

🔬

OID-See

BloodHound for OAuth in Entra ID — maps third-party app consent, scopes, assignments, and trust signals into a graph to surface impersonation risk and OAuth sprawl.

GitHub
🔬

ISDF — Intune Stateful Device Fingerprinting

Cloud-stamped device metadata for Conditional Access — moves device trust out of the endpoint and into Azure, using TPM-rooted hardware identifiers validated by a Logic App with Managed Identity.

GitHub
🔬

KuShu — Attack & Defence Research

KuShuSec is a collection of cloud security attack and defence research, tools, and mind maps — including the KuShu-Atama attack/defence mind map repository and SPADE research.

GitHub
🔬

Az-Skywalker

A collection of Azure security research tools exposing control plane isolation flaws, cross-plane data exposure, and silent data harvesting in Microsoft Azure iPaaS services.

GitHub
🔬

The Audrey Project

A curated RSS/OPML feed collection for tech and security professionals — helping you stay current without drowning in noise.

GitHub