Join us December 18th for our BloodHound Live: Monthly Release Recap!
Register Now
Services
PROGRAM DEVELOPMENT
Overview
Developing Capabilities
Expert Support
Assessments
Penetration Testing
Red Team Engagements
Purple Team Assessments
Maturity Assessments
AD Attack Path Assessments
Products
BLOODHOUND
BloodHound
Community Edition
Overview
GitHub
Get Started
BloodHound
Enterprise
Overview
What is Attack Path Management?
Interactive Demos
BloodHound Feature Comparison
Use Cases
Privileged Access Governance and Compliance
Scaling Beyond BloodHound Community Edition
Eliminate Lateral Movement
Manage Identity Risk
Mergers and Acquisitions
Industry
Public Sector
Financial Services
Healthcare
Support
Get a Demo
Go to Slack
Training
Adversary Tactics Training Courses
Red Team Operations
Identity-Driven Offensive Tradecraft
Tradecraft Analysis
Detection
Vulnerability Research for Operators
Active Directory Security Fundamentals
Azure Security Fundamentals
Private Training
Talk to us
Partners
SpecterOps
Partner Program
Identify your customers attack paths
before attackers do
Become a Partner
Partner Portal Sign In
About
ABOUT US
Who We Are
Values
Team
Careers
News
Announcements
Newsroom
Resources
White Papers
Case Studies
Sponsored Tools
Vulnerability Acknowledgements
Datasheets
Blog
Events
Sponsored Events
Talks
Training Courses
Webinars
Meet Ups
Contact Us
FEATURED BLOG
Maestro: Abusing Intune for Lateral Movement Over C2
Read Post
See All Posts
All
Active Directory
Active Directory Security
Attack Path Management
Azure
Azure Active Directory
Blog
Bloodhound
Bloodhound Enterprise
Credentials
Cybersecurity
Hacking
Information Security
Linux
Microsoft
Offensive Security
Penetration Testing
Ransomware
Red Team
Research
Solutions
Windows
Search
Blog
Latest Posts
Explore on Medium
9 Min Read | Jan 18
The Defender’s Guide to Windows Services
7 Min Read | Jan 12
SCCM Site Takeover via Automatic Client Push Installation
13 Min Read | Dec 21
Passwordless Persistence and Privilege Escalation in Azure
Adversaries are always looking for stealthy means of maintaining long-term and stealthy persistence and privilege in a target environment. Certificate-Based Authentication (CBA) is an extremely attractive persistence option in Azure [...]
6 Min Read | Dec 01
Stalking inside of your Chromium Browser
Revisiting Remote Debugging Okay, you got your favorite agent running on the target machine. You did a process listing, but nothing interesting popped out. You searched through every possible thing, [...]
6 Min Read | Nov 14
Uncovering Window Security Events
Part 1: TelemetrySource Data is the foundation by which defense is built upon. This data can come from various telemetry sources — native logging, Endpoint Detection and Response (EDR) tools, network logging, [...]
16 Min Read | Nov 09
Certificates and Pwnage and Patches, Oh My!
This post was written by Will Schroeder and Lee Christensen. A lot has happened since we released the “Certified Pre-Owned” blog post and whitepaper in June of last year. While [...]
10 Min Read | Oct 31
The Defender’s Guide to the Windows Registry
4 Min Read | Oct 19
Ghostwriter v3.1 Now Available
14 Min Read | Oct 05
Prioritization of the Detection Engineering Backlog
PREV
<
9
10
11
12
13
14
15
>
NEXT
Get Started
Defend Against
Advanced Attacks
Talk to an Expert
