We test Active Directory, Azure AD, Microsoft 365, and on-prem infrastructure for misconfigurations, privilege escalation, and data leakage.
Active Directory. Testing for misconfigurations, Kerberoasting, AS-REP roasting, and privilege escalation paths.
Azure AD / Entra ID. We test identity and conditional access policies for bypass and misconfiguration issues.
Microsoft 365 Security. Reviewing M365 security configurations and data leakage risks across the platform.
Exchange, Teams & SharePoint. Checking access controls for unauthorized data access and oversharing.
On-Premise Infrastructure. Testing on-prem Exchange, SCCM, and legacy domain controllers for known and novel attack vectors.
Credential & Token Attacks. Testing for password spraying, token replay, and pass-the-hash attacks across hybrid identity environments.