blog category
Research & Tradecraft
Research & Tradecraft
On Detection: Tactical to Functional
Part 9: Perception vs. Conception The concepts discussed in this post are related to those discussed...
By: Jared Atkinson
Oct 20, 2023 • 18 min read
Read Post
Research & Tradecraft
BloodHound Enterprise: Securing Active Directory Using Graph Theory
BloodHound Enterprise: Securing Active Directory Using Graphs Prior to my employment at SpecterOps, I hadn’t worked...
By: Irshad Ajmal Ahmed
Oct 20, 2023 • 6 min read
Read Post
Research & Tradecraft
Part 9: Perception vs. Conception
By: Jared Atkinson
Oct 20, 2023 • 18 min read
Read Post
Research & Tradecraft
Uncovering RPC Servers through Windows API Analysis
Intro Have you ever tried to reverse a simple Win32 API? If not, let’s look at...
By: Kai Huang
Oct 18, 2023 • 18 min read
Read Post
Research & Tradecraft
Perfect Loader Implementations
Thank you to SpecterOps for supporting this research and to Lee and Sarah for proofreading and...
By: Evan McBroom
Oct 9, 2023 • 6 min read
Read Post
Research & Tradecraft
One Site to Rule Them All tl;dr: There is no security boundary between sites in the same...
By: Chris Thompson
Sep 25, 2023 • 13 min read
Read Post
Research & Tradecraft
Ghostwriter v4: 2FA, RBAC, and Logging, Oh My!
Ghostwriter v4 is officially here! Technically, it’s been available as a release candidate for a while,...
By: Christopher Maddalena
Sep 20, 2023 • 7 min read
Read Post
Research & Tradecraft
Reactive Progress and Tradecraft Innovation
Detection as Prediction The overarching goal of a security operations program is to prevent or mitigate...
By: Michael Barclay
Sep 19, 2023 • 22 min read
Read Post
Research & Tradecraft
Shadow Wizard Registry Gang: Structured Registry Querying
Why Do We Need New Tooling for Registry Collection? The Windows registry, an intricate database storing...