Services
PROGRAM DEVELOPMENT
Overview
Developing Capabilities
Expert Support
Assessments
Penetration Testing
Red Team Engagements
Purple Team Assessments
Maturity Assessments
Solutions
BloodHound Enterprise
Training
Adversary Tactics Training Courses
Red Team Operations
Tradecraft Analysis
Mac Tradecraft
Detection
Vulnerability Research for Operators
Active Directory Security Fundamentals
Private Training
Talk to us
About
ABOUT
Who We Are
Values
Team
Careers
News
Announcements
Media
Resources
Recent Posts
White Papers
Sponsored Tools
Vulnerability Acknowledgements
Datasheets
Blog
Events
Sponsored Events
Talks
Training Courses
Webinars
Contact Us
FEATURED BLOG
Introducing BloodHound 4.3 — Get Global Admin More Often
Read Post
All
Blog
Research
Solutions
Search
Blog
All Posts
4 Min Read | Apr 06
Ghostwriter v2.3.0 & 2022 Road Map
Ghostwriter is changing! We try to be transparent with our development work, but it has been tricky to make that information accessible. We tried to use a Trello board, blog [...]
27 Min Read | Apr 05
Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation
For the past two years I’ve been trying to get a grasp on the field of machine learning with the hopes of applying it to both offense and defense. At [...]
3 Min Read | Mar 21
War In Ukraine
The past few years have been incredibly tumultuous and emotionally difficult for us all. As the CEO of SpecterOps, I have felt our employees, customers, and community were best served [...]
3 Min Read | Mar 17
Announcing Azure in BloodHound Enterprise
In July of 2021, we launched BloodHound Enterprise. Since then, our customers have been using BHE to easily identify and eliminate millions, even billions of attack paths in their on-prem [...]
16 Min Read | Mar 09
Revisiting Phishing Simulations
This post was written by Matt Hand and the rest of the SpecterOps team. Overview SpecterOps is a huge proponent of the “assumed breach” red team execution model where we [...]
4 Min Read | Mar 03
Attack Path Management Pillars: Part 3 — Safe AD Security Remediation Guidance
Attack Path Management Pillars: Part 3 —Practical AD Security Remediation Guidance Historically, Identity Attack Paths are a double edge sword; remediation efforts can easily break production applications or create more [...]
5 Min Read | Feb 16
Dylib Loads that Tickle your Fancy
Loading malicious dylibs into the Tclsh binary Background As detection of osascript command-line executions has increased, I started looking more into alternative forms of payload execution. As a result of this [...]
5 Min Read | Feb 09
Introducing BloodHound 4.1 — The Three Headed Hound
Introducing BloodHound 4.1 — The Three Headed Hound Prior Work Analyzing Active Directory attack paths using graph theory is not a new concept. Prior work includes the following: Heat-ray by John Dunagan, Alice [...]
6 Min Read | Feb 02
Apollo 2.0 — New Year, New Features
Apollo 2.0 — New Year, New Features Introduction At the beginning of 2020, I took my first real foray into programming. Inspired by Cody Thomas’s Mythic, I undertook to, what was unbeknownst to [...]
PREV
1
2
3
4
5
6
7
8
NEXT
Get Started
Defend Against
Advanced Attacks
Talk to an Expert