Author: Khalifa Alshamsi

Home / Articles posted by Khalifa Alshamsi

Posted on April 16, 2026

Inside a Cyber Drill: How We Test Defenses Under Realistic Attack Conditions

Introduction Organizations invest heavily in their security stack. EDR, SIEM, backup infrastructure, incident response plans. But most of them never validate whether those defenses actually work under realistic attack conditions. Tabletop exercises test processes on paper. Penetration tests look for ways in. Neither of them answers the question of what actually happens when an advanced threat actor operates inside your environment, whether your security tools catch them and whether your team responds...

Read Post

by Khalifa Alshamsi

Posted on November 5, 2025

Red Teaming

Weaponizing Trust: ClickOnce Deployment with AppDomainManager Injection

The Story During a recent red team engagement in late 2025, we had a problem. The target environment was well defended, MDE and other controls were in full effect, and our usual initial-access techniques that worked in the past failed to get us a reliable foothold. Faced with that, we shifted gears and stitched together a different approach. The result: a technique that let us infiltrate by running inside the context of...

Read Post

by Khalifa Alshamsi

Author: Khalifa Alshamsi

Inside a Cyber Drill: How We Test Defenses Under Realistic Attack Conditions

Weaponizing Trust: ClickOnce Deployment with AppDomainManager Injection

SeamlessPass: Leveraging Kerberos Tickets to Access the Cloud