AI Isn’t Changing the Game, It’s Speeding It Up: Rethinking Modern Attack Paths Register Now

SpecterOps Blog

Filters

Categories

Clear all
Into The Rainbow: Google’s NTLMv1 Rainbow Tables Explained in a Bit Too Much Detail

Research & Tradecraft

Into The Rainbow: Google’s NTLMv1 Rainbow Tables Explained in a Bit Too Much Detail

TL;DR: Google published a blog post with accompanying rainbow tables targeting the Data Encryption Standard (DES) key space. The tables…

By: Skyler Knecht

10 mins
What’s New in the BloodHound Query Library: BYOL, OpenGraph, Multi-Server, and More

BloodHound

What’s New in the BloodHound Query Library: BYOL, OpenGraph, Multi-Server, and More

BloodHound Query Library - queries.bloodhound.io - update details: import custom query sources & shipping with three OpenGraph extension sources (Jamf,…

By: Martin Sohn Christensen

5 mins
BloodHound 9.0 — Product Updates

BloodHound

BloodHound 9.0 — Product Updates

Two weeks ago, we announced the new BloodHound Enterprise with OpenGraph extensions to extend attack path management to environments like…

By: Justin Kohler

5 mins
BloodHound Has Changed. Your Course Probably Hasn’t.

BloodHound

BloodHound Has Changed. Your Course Probably Hasn’t.

BloodHound has moved fast and not all courses have kept up. If you create or maintain a course or training…

By: Hugo van den Toorn

4 mins
Ghostwriter v6.3.0 and CLI v1.0.0: New Activity Logging, Faster Installs, and Better Writing QA

Research & Tradecraft

Ghostwriter v6.3.0 and CLI v1.0.0: New Activity Logging, Faster Installs, and Better Writing QA

TL;DR: Ghostwriter v6.3.0 makes day-to-day operations faster and more integrated, with a redesigned activity log that ties actions directly to…

By: Christopher Maddalena

11 mins
Janus: Listen to Your Logs

Research & Tradecraft

Janus: Listen to Your Logs

TLDR: Operators are telling you what to build. Janus listens. Every failed command, retry, and workaround during an engagement is…

By: Gavin Kramer

11 mins
Mythos, Machine-Speed Exploitation, and the Growing Importance of Identity Attack Paths

Industry Insights

Mythos, Machine-Speed Exploitation, and the Growing Importance of Identity Attack Paths

When Anthropic announced Mythos and the associated rollout plan, it sparked an immediate wave of discussion across the cybersecurity community.…

By: Jared Atkinson

9 mins
AI Red Teaming Still Comes Back to Identity, Access, and Attack Paths 

Industry Insights

AI Red Teaming Still Comes Back to Identity, Access, and Attack Paths 

Most enterprise AI system risk is not a novel model failure; it’s familiar security failure modes showing up in systems…

By: Russel Van Tuyl

10 mins
ghostsurf: From NTLM Relay to Browser Session Hijacking

Research & Tradecraft

ghostsurf: From NTLM Relay to Browser Session Hijacking

TL;DR: ntlmrelayx‘s SOCKS proxy works great for SMB and MSSQL but fails when you try to browse a web application…

By: Allen DeMoura

17 mins

Sign up for the latest updates

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Sign Up For Updates From SpecterOps

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.