Extracting credentials from Azure Entra Connect.

Persuading Windows hosts to provide machine account credentials.

Testing IPv6 security.

Intercepting multi factor authentication credentials using an Nginx reverse proxy.

Sending Phishing emails to capture login credentials.

Using Terraform to deploy testing infrastructure & auditing Terraform configuration files.