Pinned
Our team will be all over #BHUSA!
🎓 4 hands-on trainings
🎤 3 technical briefings
🛠️ 5 Arsenal sessions
Stay in the loop on all we have going on that week.
➡️ specterops.io/black-hat/
SpecterOps
3,949 posts
SpecterOps
@SpecterOps
Creators of BloodHound | Experts in Adversary Tradecraft | Leaders in Identity Attack Path Management
Joined January 2017
- Replying to @SpecterOpsHere is the link to the SpecterOps Adversary Tactics: PowerShell course material: github.com/specterops/at-… Enjoy! For information about our current training offerings, information can be found here: specterops.io/how-we-help/tr… (4/4)
- Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️
- Starting April 6th, SpecterOps will be presenting a week of webinars while we collectively work from home in response to Covid-19. Each day is a different 30 minute talk given by one of our experts from our Adversary Simulation, Detection, and Adversary Resilience teams.
- New from @harmj0y - Releasing GhostPack! A few of the common tools ported to C# plus a few new ones to check out. More here:
- Don't understand SSH tunneling? Forget where to run which commands? Want to proxy tools into a client network during an offensive security operation? Check out this detailed guide on SSH tunnels and proxies from @Ne0nd0g Link:
- Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)
- Today, @Haus3c released a new post called, "Kerberosity Killed the Domain: An Offensive Kerberos Overview" Ryan consolidates many core concepts of modern Kerberos attacks into a concise reference post. Link:
- A new .NET command and control platform: Covenant by @cobbr_io is being released today. Check it out here:
- Classic NTLM relay problem: Stuck on port 445/TCP, can't use WMI (needs 135/TCP), and dumping hashes triggers EDR alerts. So what's a stealthy attacker to do? 🤔 Our latest blog post explores evasive alternatives beyond the old techniques.
- In part one of a two part series, @_wald0 demonstrates how to understand, measure, and reduce Active Directory attack surface using the Active Directory Adversary Resilience Methodology:
- The whitepaper for @harmj0y’s and @_wald0's "An ACE Up the Sleeve" BH/DC talk is now available! Check it out: specterops.io/resources/rese…
- We're thrilled to announce BloodHound Community Edition (CE) -- the next evolution of #BloodHound. Scheduled for release on 8/8, BloodHound CE has many new features & enhancements, making it easier for users to deploy, manage, and utilize. Learn more: ghst.ly/458lIGX
