This page is a dedicated resource, mostly for myself, to help me track the content that I’ve created on other sites. Feel free to click through some of these links and enjoy the journey!
Speaking Engagments
- Whoami Podcast: Episode 1
https://www.youtube.com/watch?v=rE2eBnE1LtA
- Secureworks 2023 Threat Intelligence Summit
- BlackHat USA 2022 Arsenal: WhiskeySAML&Friends
https://www.blackhat.com/us-22/arsenal/schedule/#whiskeysaml-and-friends-26670
- BlackHat Europe 2021 Arsenal: WhiskeySAML&Friends
https://www.blackhat.com/eu-21/arsenal/schedule/#whiskeysaml-and-friends-25024
External Blog Postings
- Permissive Avere Contributor Role Allows VM Credential Dumping
- Azure Redirect URI Takeover Vulnerability Threat Analysis
https://www.secureworks.com/research/azure-redirect-uri-takeover-vulnerability
- WhiskeySAML&Friends Golden SAML Exploitation Toolkit
https://www.secureworks.com/blog/going-for-the-gold-penetration-testing-tools-exploit-golden-saml
- Azure Active Directory Domain Service Privilege Escalation
https://www.secureworks.com/research/azure-active-directory-domain-services-escalation-of-privilege
- PEN-300: Evasion Techniques and Breaching Defenses Review
https://www.offsec.com/offsec/pen300-osep-review-nullg0re/
Open-Source Tools (Outside of Personal GitHub)
- WhiskeySAML&Friends Golden SAML Attack Framework
https://github.com/secureworks/whiskeysamlandfriends
- Cloudy-Loot
https://github.com/secureworks/Cloudy-Loot
- Family of Client IDs (FOCI) Research
https://github.com/secureworks/family-of-client-ids-research
Published Research
- Family of Client IDs