SpecterOps aspires to set the cadence for the rest of the cyber security industry and bring unique insight and training into the advanced threat actor tradecraft. Our team has deep experience built through helping hundreds of clients shut down attack paths, evaluate, and develop security operations programs, providing premier adversarial training courses to thousands of students in advanced adversary Tactics, Techniques, and Procedures (TTPs), and sponsoring numerous projects to help the security industry as a whole.
Our security team consists of some of the most sought-after industry experts, bringing deep knowledge of adversary tradecraft and years of experience in attack path management and improving threat detection and response capabilities across both commercial and government sectors.
You have likely found many of our team members speaking at industry conferences on the latest adversary tools and techniques, providing numerous research papers and posts, and developing some of the most widely used open-source tools in the industry.
Our team members are on the forefront of security research, and we are always willing to share our knowledge of attack path management, tradecraft analysis, and other adversary tactics. The objective of every solution we offer is to provide our customers with capabilities to improve their own security operations, not only while we’re there, but even after we’re gone.
We share our operational knowledge and lessons learned in the cyber security field with your team to hone their skill sets, their efficiency, and ultimately better secure your business.
Leveraging expertise built through years of cyber security training, experience and assessments across industries and hundreds of environments, our operators use our understanding of advanced adversary Tactics, Techniques, and Procedures (TTPs) to effectively assess and improve your security posture and ability to respond to today’s sophisticated attacks.
Whether you are building new adversary tradecraft detection and simulation teams or looking to mature existing competencies, we provide an effective approach focused on comprehensively integrating technical components into the overall cyber security operations program, ensuring robust prevention, detection, attack path management, and response capabilities.
The human component to any security program is critical. Building fundamental knowledge and perfecting the skills necessary to protect the enterprise through realistic adversary training is essential to robust security programs. Our cyber security training courses and solutions equip participants with the skills to attack, defend, and harden their environments against advanced threat actors.
From the creators of BloodHound, an Attack Path Management solution that continuously maps and quantifies Active Directory Attack Paths. Remove millions of Attack Paths within your existing architecture and eliminate the attacker’s easiest, most reliable, and most attractive target.
We created a new tool to help you install and manage BloodHound instances, BloodHound CLI! GitHub – SpecterOps/bloodhound-cli Written entirely in Go, this command-line tool can be cross-compiled to support Windows, macOS, and Linux, so you can use whichever operating system you like as your host system for BloodHound. You only need to have Docker […]
On Detection: Tactical to Functional Why it is Difficult to Say What a Tool Does Introduction Over the years, I’ve noticed that we have a difficult time describing a specific tool’s functionality. I participated in conversations or listened to lectures where someone inevitably attempts to describe the techniques or behavior that they associate with a given […]
On Detection: Tactical to Functional Seven Ways to View API Functions Introduction Welcome back to Part 15 of the On Detection: Tactical to Functional blog series. I wrote this article to serve as a resource for those attempting to create tool graphs to describe the capabilities of the attacker tools or malware samples they encounter. […]
ADFS — Living in the Legacy of DRS It’s no secret that Microsoft have been trying to move customers away from ADFS for a while. Short of slapping a “deprecated” label on it, every bit of documentation I come across eventually explains why Entra ID should now be used in place of ADFS. And yet… we still encounter it […]
TL;DR: The Misconfiguration Manager DETECT section has been updated with relevant guidance to help defensive operators identify the most prolific attack techniques from the Misconfiguration Manager project. Background If you have been following SpecterOps’s offensive security research over the last few years, you may have noticed our interest in targeting attack paths leveraging Microsoft’s Configuration Manager […]
Just in time for the holidays, sharper tools for faster defense Today, the SpecterOps team rolled out a number of new features, product enhancements, and recommendations intended to help users of BloodHound Enterprise and BloodHound Community Edition more easily visualize attack paths and show improvements in identity risk reduction over time. Scroll down to learn more […]
Author: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin […]
Author: David McGuire, CEO, SpecterOps Today, we’re thrilled to announce that SpecterOps has earned FedRAMP High Authorization for BloodHound Enterprise! This is no small achievement, as it makes our BloodHound Enterprise identity security platform available to U.S. government organizations that operate at the FedRAMP High baseline. This shows SpecterOps’ commitment to data security for all […]
Brief This post details the existing and new functions in BARK that support adversarial tradecraft research relevant to the Azure Key Vault service. The latter part of the post shows an example of how a red team operator may use these commands during the course of an assessment. Authentication Azure Key Vault is one of […]
If I have a command and control (C2) agent on an Intune admin’s workstation, I should just be able to use their privileges to execute a script or application on an Intune-enrolled device, right? Not so fast. I Wanna Go Fast! Take me to the GitHub repo! Take me to the attack path walkthrough! Take me to the defensive […]
