Elad Shamir

VP of Research and Development

Elad Shamir is the VP of R&D at SpecterOps, specializing in identifying security flaws in complex systems. His work focuses on authentication and authorization abuse and on uncovering attack paths across Active Directory and modern cloud environments.

See the latest by Elad Shamir

Research & Tradecraft

Is Kerberoasting Still a Risk When AES-256 Kerberos Encryption Is Enabled?

TL;DR Kerberoasting is fundamentally a weak password problem. Stronger encryption slows down cracking, but it doesn’t eliminate the risk. If…

By: Elad Shamir

4 mins

Research & Tradecraft

The Renaissance of NTLM Relay Attacks: Everything You Need to Know

NTLM relay attacks have been around for a long time. While many security practitioners think NTLM relay is a solved…

By: Elad Shamir

40 mins

Research & Tradecraft

Navigating the Uncharted: A Framework for Attack Path Discovery

This is the second post in a series on Identity-Driven Offensive Tradecraft, which is also the focus of the new…

By: Elad Shamir

8 mins

Research & Tradecraft

The Security Principle Every Attacker Needs to Follow

Earlier this year, I was tasked with developing a follow-on course for our renowned Adversary Tactics: Red Team Operations course.…

By: Elad Shamir

12 mins

Research & Tradecraft

At the Edge of Tier Zero: The Curious Case of the RODC

The read-only Domain Controller (RODC) is a solution that Microsoft introduced for physical locations that don’t have adequate security to…

By: Elad Shamir

19 mins

Research & Tradecraft

Shadow Credentials: Abusing Key Trust Account Mapping for Account Takeover

By: Elad Shamir

12 mins