Blog

Intro The wireless security landscape has remained largely unchanged since the development of Wi-Fi Protected Access (WPA/WPA2) in the early 2000s. However, in recent years the Wi-Fi alliance has made significant efforts to address long standing issues within these standards. In this entry I will shed some light on common infrastructure configurations, their associated weaknesses, and practical attacks against...Continue reading 

In the 11+ years Depth has been in business we've had the opportunity to see some less than stellar work as far as assessment services go. Our clients often send us assessment reports they've received from other security firms. Sometimes they want us to check remediation status on a single item. Other times they aren't sure whether a given vulnerability is...Continue reading 

TL;DR The current state of password spraying Office 365 accounts could benefit from new approaches to bypassing Azure AD conditional access policies and other techniques that make it difficult to detect password spraying techniques. Built with Python 3 using Microsoft's Authentication Library (MSAL), Spray365 makes password spraying more effective by identifying insecure conditional access policies and allows for randomized password spraying...Continue reading