Welcome to the Playground
An introduction to my identity security research repository covering Active Directory, Entra ID, and hybrid identity threat research.
Security Research and Other Stuff
In 2026, Do Active Directory and Linux Play Well Together?
A look at how Linux and AD are commonly used and configured in 2026
Ransomware Reimagined Talk Slides
Ransomware Reimagined Talk Slides
Your AI Coding Assistant is Leaking Secrets
AI desktop assistants and coding tools need credentials to reach external services, and many of them store those credentials as plaintext JSON at predictable paths in the user's home directory. This research covers how credential storage works across 14 popular AI tools, where OS keychain integration is present or missing, and eight attack scenarios that turn that exposure into real risk, from malware-based theft to remote session hijacking to supply-chain compromise via MCP servers.
Is Typing Going Extinct?
Food for thought... will AI voice assistance do to typing, what smartphones and computers did to cursive?
Half of All MCP Servers Store Your Secrets in Plaintext
The credential storage problem nobody's talking about in the AI tool ecosystem. A look at MCP server credential storage and security
Kerberos Reflection Talk Slides
Kerberos Reflection Talk Slides
VSphere AD Integration Security Implications
VSphere AD Integration Security Implications
How I Accidentally Built a Security Testing Swarm with Claude Code
An Explaination of Kerberos Pre-Auth
Beyond 'Loopy Ticket' (CVE-2025-33073)- Pratical Detection and Mitigation of NTLM/Kerberos Reflection Conditions
What You Need to Know First Kerberos remains foundational in Active Directory, with service tickets and SPNs (Service Principal Name) validation defining access boundaries. The rise of certificate...