Announcements   |   Jul 12 2018 | Andy Robbins

SpecterOps @ Black Hat 2018


We’re excited to have a full slate of activities this year at Black Hat 2018 as speakers, trainers, and (for the first time) as a sponsor. This year, our focus as a company has been around tradecraft transparency. Our talk, by Lee Christensen and Matt Graeber, will overview their research methodology on how they discovered methods for subverting Sysmon in Microsoft Windows operating systems. As always, we will highlight several defensive measures to detect and mitigate the technique as well.

Stop by our Booth

We’re excited to be sponsoring Black Hat this year. We’ll be there to talk shop and give folks a place to meet up with us. We’re also available if you’d like to chat about Cobalt Strike. There will be some free swag, stickers, shirts, and some other fun surprises. We’ll be giving away a free ticket to an upcoming SpecterOps hosted training class, good for any Adversary Tactics course offerings. Stop by booth 2411 (next to the IBM Lounge) to meet our team members and talk shop.

Last month, we were proud to support Andy Robbins (our Adversary Resilience lead) in his effort to support the Muscular Dystrophy Association. Andy spearheaded a fundraising effort through the first official shirt design based on the popular BloodHound tool. The design is available here: Matt Graeber and Lee Christensen donated their speaker’s honorarium to buy several shirts, which SpecterOps matched. Between our donations, we’ll have roughly 90 of those shirts at the booth to give away.

Happy Hour

Once again, we will be jointly hosting a happy hour Wednesday, August 8th at 7:00PM with Strategic Cyber (Cobalt Strike). We like to keep a smaller environment focused on food, drinks, and interesting discussions. So, space is limited by design. If you’re interested in attending, send us an email at

Conference Presentations

Talk – Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology
Wednesday, August 8 | 2:40pm-3:30pm | Lagoon JKL
Speaker: Lee Christensen, Matt Graeber
Tracks: Malware, Network Defense

Arsenal – BloodHound 1.5
Wednesday, August 8 | 11:30am-12:50pm | Business Hall (Oceanside), Arsenal Station 9
Presenter: Andy Robbins, Rohan Vazarkar
Track: Malware Offense

Training Sessions

Training – Adversary Tactics: Detection
August 4-5
Tracks: Defense

Training – Adversary Tactics: Detection
August 6-7
Tracks: Defense

Training – Adversary Tactics: PowerShell
August 4-7
Tracks: Defense, Malware

Training – Adversary Tactics: Red Team Ops
August 4-7
Tracks: PenTesting