Phishing

Azure and Entra ID Attacks: A Practical Primer with AADInternals and ROADtools

A hands-on introduction to Entra ID attacks: device code phishing, illicit consent grants, token theft, and the blue-team controls that stop them.

Tools & Defense

Phishing and Initial Access Tradecraft for Authorized Red Teams

A practical look at pretexting, Gophish campaigns, Evilginx MFA phishing, and the blue-team controls that stop them.

Mobile API OSINT