SpecterOps expands Identity Attack Path Management to Okta, GitHub, and Mac. Learn More
BloodHound Enterprise
Advance from mapping to eliminating attack paths with the enterprise platform that delivers at scale
BloodHound Community Edition
Start mapping attack paths with the open-source tool that started it all
BloodHound Scentry
Accelerate your APM practice and reduce identity risk with expert guidance to protect your critical assets.
OFFENSIVE SERVICES
TRAINING
Adversary Tactics
Adversary Perspectives
TRAININGS
SO-CON 2026
Master in-demand skills with our specialized courses at SO-CON 2026.
SOLUTIONS
INDUSTRIES
PARTNERS & INTEGRATIONS
RESOURCES
Attack Path Management Maturity Model
Evaluate your ability to stop identity-based attacks
Community Hub
Share tradecraft, ask questions, work on open-source projects, and learn together. Events, community wins, and videos, all in one place.
OPEN SOURCE TOOLS
Join the Conversation
Learn from others and share your story on the BloodHoundGang Slack Community
OPEN SOURCE RESEARCH
Nemesis 2.2
Nemesis 2.2 introduces a number of powerful new features focusing...
ABOUT US
GET IN TOUCH
PRESS RELEASE
SpecterOps Expands Identity Attack Path Management to Okta, GitHub, and Mac
FEATURED EVENT
Conference: April 13-14, 2026 Training: April 15-18, 2026
RESEARCH
BLOG
EVENTS
Fueling the Fight Against Identity Attacks
When we founded SpecterOps, one of our core principles was to build a...
The Renaissance of NTLM Relay Attacks
NTLM relay attacks have been around for a long time. While many security...
Research & Tradecraft
TL;DR: A pleasant evening conversation last summer with Claude resulted in a possible disclosure of its internal architecture. Introduction As…
By: Max Andreacchi
12 mins
TL;DR: Nemesis 2.X makes it easy to extend the platform – this guide walks through creating new file enrichment modules…
By: Will Schroeder, Lee Chagolla-Christensen
16 mins
TL;DR: Nemesis 2.2 automates the entire DPAPI decryption chain – from SYSTEM/user masterkeys through CNG keys to Chromium’s latest App-Bound…
TL;DR: Nemesis 2.2 introduces a number of powerful new features focusing on large container processing, data processing agents, enhanced DPAPI…
22 mins
TL;DR: At SpecterOps, we look at Attack Path Management from multiple perspectives, including those of identifying areas to implement quality…
By: Joshua Prager
20 mins
TL;DR: Conditional Access is powerful but hard to reason about once policies start to overlap. CAPSlock is an offline Conditional…
By: Lee Robinson
18 mins
TL;DR : This post aims to introduce readers to the anatomy and detection of JavaScript memory corruption exploits that target Google…
By: Liam D.
17 mins
BloodHound
SpecterOps is excited to announce the launch of our newest addition to BloodHound Enterprise, BloodHound Scentry. BloodHound Scentry is an…
By: Robby Winchester
5 mins
Company Updates
We are excited to announce a new partnership with worldwide technology leader Cisco, adding BloodHound Enterprise to the Cisco Solutions…
By: SpecterOps Team
2 mins
By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
