blog category
Research & Tradecraft

Research & Tradecraft
On Detection: Tactical to Functional When the Operation is not Enough Introduction A while back, I was...
By: Jared Atkinson
Jun 5, 2024 • 17 min read
Read Post
Research & Tradecraft
Part 13: Why a Single Test Case is Insufficient
By: Jared Atkinson
May 31, 2024 • 24 min read
Read Post
Research & Tradecraft
Behavior vs. Execution Modality
On Detection: Tactical to Functional Part 12 Introduction At Shmoocon 2015, Will Schroeder (Harmj0y) gave a...
By: Jared Atkinson
May 21, 2024 • 20 min read
Read Post
Research & Tradecraft
Part 12: Behavior vs. Execution Modality
By: Jared Atkinson
May 21, 2024 • 20 min read
Read Post
Research & Tradecraft
This post is a follow-up to my previous post on manual LDAP querying. I would highly...
By: Hope Walker
May 2, 2024 • 20 min read
Read Post
Research & Tradecraft
ADCS Attack Paths in BloodHound — Part 2
ADCS Attack Paths in BloodHound — Part 2 In Part 1 of this series, we explained how we incorporated...
By: Jonas Bülow Knudsen
May 1, 2024 • 13 min read
Read Post
Research & Tradecraft
In August of last year, @tifkin_, @0xdab0, and I released Nemesis, our offensive data enrichment platform....
By: will schroeder
Apr 25, 2024 • 10 min read
Read Post
Research & Tradecraft
Thank you to SpecterOps for supporting this research, to Elad for helping draft this blog, and...
By: Evan McBroom
Apr 17, 2024 • 35 min read
Read Post
Research & Tradecraft
Rooting out Risky SCCM Configs with Misconfiguration Manager
tl;dr: I wrote a script to identify every TAKEOVER and ELEVATE attack in Misconfiguration Manager. Ever...