blog category
Research & Tradecraft
Research & Tradecraft
Ghostwriter v2.3.0 & 2022 Road Map
Ghostwriter is changing! We try to be transparent with our development work, but it has been...
Apr 6, 2022 • 5 min read
Read Post
Research & Tradecraft
Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation
For the past two years I’ve been trying to get a grasp on the field of...
Apr 5, 2022 • 34 min read
Read Post
Research & Tradecraft
Revisiting Phishing Simulations
This post was written by Matt Hand and the rest of the SpecterOps team. Overview SpecterOps...
Mar 9, 2022 • 20 min read
Read Post
Research & Tradecraft
Introducing BloodHound 4.1 — The Three Headed Hound
Introducing BloodHound 4.1 — The Three Headed Hound Prior Work Analyzing Active Directory attack paths using graph theory is...
Feb 9, 2022 • 6 min read
Read Post
Research & Tradecraft
Mythic 2.3 — An Interface Reborn
Mythic 2.3 — An Interface Reborn New Mythic Search Mythic started off as a proof of concept, open source...
Jan 31, 2022 • 13 min read
Read Post
Research & Tradecraft
Ghostwriter: Looking Back at 2021
It has been a while since we last published details about the Ghostwriter project, but the...
Dec 22, 2021 • 6 min read
Read Post
Research & Tradecraft
Entity Based Detection Engineering with BloodHound Enterprise
Critical Attack Path with Auditing Table of Contents Introduction Enterprise Access Model BloodHound and Detection BloodHound Enterprise Entity Based...
Aug 18, 2021 • 13 min read
Read Post
Research & Tradecraft
L;DR Active Directory Certificate Services has a lot of attack potential! Check out our whitepaper “Certified Pre-Owned:...
Jun 17, 2021 • 28 min read
Read Post
Research & Tradecraft
An Introduction to Manual Active Directory Querying with Dsquery and Ldapsearch
Introduction Let’s be honest, BloodHound and PowerView are objectively better tools for querying, enumerating, and investigating Active Directory (AD). They...