Skip to content
Offensive & Defensive Security

PurpleSec

Where offense meets defense — a living archive of real-world attack paths, Hack The Box pwns, and threat research, built to make defenders think like attackers.

PurpleSec — Cybersecurity Research & Enterprise Defense

0+
HTB Machines Pwned
0+
AD Attack Techniques
0+
Research Articles
0+
Years In The Field
Latest Drop

Featured Intel

Freshly published from the research desk.

Latest Post
81 Million Login Attempts in 14 Days: Inside the Massive Azure CLI Password Spray Campaign
July 02, 2026 11 min read #Azure
A deep technical analysis of the LSHIY password spray campaign that hit 64 organizations via Azure CLI's ROPC flow — how it bypassed MFA, why Conditional Access policies failed, and how to lock down your Microsoft 365 tenant.
Read full analysis →
From the blog

Recent Posts

Writeups and research notes, newest first.

Credentials

Certifications

Validation that the methodology holds up under pressure.

PNPT
Practical Network Penetration Tester
Certified
Anthropic
Claude Code in Action
Certified
Securiti
AI Security & Governance
Certified
AZ-104
Azure Administrator Associate
Certified
SC-300
Identity and Access Administrator
Certified
OSCP
Offensive Security Certified Professional
In Progress
Ethos

Words to Hack By

Let's talk security.

Building something, breaking something, or hardening something? I'm always up for a sharp conversation on offensive tradecraft, detection engineering, or where the industry is heading next.