We’ll be at RSA Conference 2024! Learn more about Attack Path Management with SpecterOps.
Learn More
Services
PROGRAM DEVELOPMENT
Overview
Developing Capabilities
Expert Support
Assessments
Penetration Testing
Red Team Engagements
Purple Team Assessments
Maturity Assessments
AD Attack Path Assessment
Solutions
BloodHound Enterprise
Training
Adversary Tactics Training Courses
Red Team Operations
Tradecraft Analysis
Detection
Vulnerability Research for Operators
Active Directory Security Fundamentals
Azure Security Fundamentals
Private Training
Talk to us
Partners
SpecterOps
Partner Program
Identify your customers attack paths
before attackers do
Become a Partner
Partner Portal Sign In
About
ABOUT US
Who We Are
Values
Team
Careers
News
Announcements
Newsroom
Resources
White Papers
Case Studies
Sponsored Tools
Vulnerability Acknowledgements
Datasheets
Blog
Events
Sponsored Events
Talks
Training Courses
Webinars
Contact Us
FEATURED BLOG
Final Steps to BloodHound Enterprise for Government— FedRAMP High Compliance
Read Post
See All Posts
All
Blog
Research
Solutions
Search
Blog
Latest Posts
Explore on Medium
4 Min Read | May 18
EntropyCapture: Simple Extraction of DPAPI Optional Entropy
Intro During a short application assessment, enumeration and decryption of a third-party application’s Windows Data Protection API (DPAPI) blobs using SharpDPAPI produced non-readable data because optional entropy was being used. [...]
23 Min Read | May 04
Learning Machine Learning Part 3: Attacking Black Box Models
In the first post in this series we covered a brief background on machine learning, the Revoke-Obfuscation approach for detecting obfuscated PowerShell scripts, and my efforts to improve the dataset [...]
25 Min Read | Apr 26
Learning Machine Learning Part 2: Attacking White Box Models
In the previous post, I went through a very brief overview of some machine learning concepts, talked about the Revoke-Obfuscation project, and detailed my efforts at improving the dataset and [...]
13 Min Read | Apr 20
Abusing Azure Container Registry Tasks
Intro and Prior Work More and more organizations are adopting cloud computing, migrating existing business processes and creating new business processes in Azure, AWS, and GCP. One of the most common [...]
22 Min Read | Apr 13
Coercing NTLM Authentication from SCCM
tl;dr: Disable NTLM for Client Push Installation When SCCM automatic site assignment and automatic client push installation are enabled, and PKI certificates aren’t required for client authentication, it’s possible to [...]
4 Min Read | Apr 06
Ghostwriter v2.3.0 & 2022 Road Map
27 Min Read | Apr 05
Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation
3 Min Read | Mar 21
War In Ukraine
3 Min Read | Mar 17
Announcing Azure in BloodHound Enterprise
PREV
<
5
6
7
8
9
10
11
NEXT
Get Started
Defend Against
Advanced Attacks
Talk to an Expert