blog category
Research & Tradecraft
Research & Tradecraft
Administrator Protection Review
TL;DR Microsoft will be introducing Administrator Protection into Windows 11, so I wanted to have an...
By: Adam Chester
Jun 18, 2025 • 11 min read
Read Post
Research & Tradecraft
OneLogin, Many Issues: How I Pivoted from a Trial Tenant to Compromising Customer Signing Keys
TL;DR OneLogin was found to have security vulnerabilities in its AD Connector service that exposed authentication...
By: Julian Catrambone
Jun 10, 2025 • 11 min read
Read Post
Research & Tradecraft
Update: Dumping Entra Connect Sync Credentials
TL;DR Microsoft has recently changed how Entra Connect Sync authenticates to Entra ID. This blog post...
By: Daniel Heinsen
Jun 9, 2025 • 10 min read
Read Post
Research & Tradecraft
TL;DR Tokenization Confusion: We look at the new Prompt Guard 2 model from Meta, how “confusing”...
By: Adam Chester
Jun 3, 2025 • 20 min read
Read Post
Research & Tradecraft
TL;DR: This post shows how COM hijacking can serve as a reliable persistence method while also...
By: Antero Guy
May 28, 2025 • 7 min read
Read Post
Research & Tradecraft
Understanding & Mitigating BadSuccessor
TL;DR: BadSuccessor is a new AD attack primitive that abuses dMSAs, allowing an attacker who can...
By: Jim Sykora
May 27, 2025 • 24 min read
Read Post
Research & Tradecraft
As part of my role as Service Architect here at SpecterOps, one of the things I’m...
By: Adam Chester
Apr 8, 2025 • 12 min read
Read Post
Research & Tradecraft
An Operator’s Guide to Device-Joined Hosts and the PRT Cookie
About five years ago, Lee Chagolla-Christensen shared a blog detailing the research and development process behind...