SpecterOps (@SpecterOps) / X

SpecterOps

3,941 posts

SpecterOps

@SpecterOps

Creators of BloodHound | Experts in Adversary Tradecraft | Leaders in Identity Attack Path Management

Joined January 2017

SpecterOps
@SpecterOps
Jan 22, 2020
Replying to @SpecterOps
Here is the link to the SpecterOps Adversary Tactics: PowerShell course material: github.com/specterops/at-… Enjoy! For information about our current training offerings, information can be found here: specterops.io/how-we-help/tr… (4/4)
GitHub - SpecterOps/at-ps: Adversary Tactics - PowerShell Training
From github.com
SpecterOps
@SpecterOps
Oct 23, 2025
Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm
137K
SpecterOps
@SpecterOps
Mar 27, 2020
Starting April 6th, SpecterOps will be presenting a week of webinars while we collectively work from home in response to Covid-19. Each day is a different 30 minute talk given by one of our experts from our Adversary Simulation, Detection, and Adversary Resilience teams.
SpecterOps
@SpecterOps
Jul 24, 2018
New from @harmj0y - Releasing GhostPack! A few of the common tools ported to C# plus a few new ones to check out. More here:
GhostPack
From specterops.io
SpecterOps
@SpecterOps
Apr 22, 2021
Don't understand SSH tunneling? Forget where to run which commands? Want to proxy tools into a client network during an offensive security operation? Check out this detailed guide on SSH tunnels and proxies from @Ne0nd0g Link:
Blog
From specterops.io
SpecterOps
@SpecterOps
Jan 22, 2020
Despite its incredible security enhancements, PowerShell continues to be abused by adversaries. A strong knowledge of PowerShell enables defenders to effectively manage and respond to its abuse. (1/4)
SpecterOps
@SpecterOps
Mar 10, 2020
Today, @Haus3c released a new post called, "Kerberosity Killed the Domain: An Offensive Kerberos Overview" Ryan consolidates many core concepts of modern Kerberos attacks into a concise reference post. Link:
Blog
From specterops.io
SpecterOps
@SpecterOps
Feb 7, 2019
A new .NET command and control platform: Covenant by @cobbr_io is being released today. Check it out here:
Blog
From specterops.io
SpecterOps
@SpecterOps
Oct 30, 2017
Check out @harmj0y's exhaustive and comprehensive coverage of Active Directory Domain Trust abuse!
A Guide to Attacking Domain Trusts
From specterops.io
SpecterOps
@SpecterOps
Jul 24, 2025
Classic NTLM relay problem: Stuck on port 445/TCP, can't use WMI (needs 135/TCP), and dumping hashes triggers EDR alerts. So what's a stealthy attacker to do? 🤔 Our latest blog post explores evasive alternatives beyond the old techniques.
Escaping the Confines of Port 445
From specterops.io
14K
SpecterOps
@SpecterOps
Feb 21, 2018
In part one of a two part series, @_wald0 demonstrates how to understand, measure, and reduce Active Directory attack surface using the Active Directory Adversary Resilience Methodology:
Introducing the Adversary Resilience Methodology — Part One
From specterops.io
SpecterOps
@SpecterOps
Aug 18, 2017
The whitepaper for @harmj0y’s and @_wald0's "An ACE Up the Sleeve" BH/DC talk is now available! Check it out: specterops.io/resources/rese…
SpecterOps
@SpecterOps
Aug 1, 2023
We're thrilled to announce BloodHound Community Edition (CE) -- the next evolution of #BloodHound. Scheduled for release on 8/8, BloodHound CE has many new features & enhancements, making it easier for users to deploy, manage, and utilize. Learn more: ghst.ly/458lIGX
32K
SpecterOps
@SpecterOps
Feb 26, 2018
In part two, @_wald0 demonstrates the technical details of the Active Directory Adversary Resilience methodology, using a combination of @Neo4j's Cypher query language and the #BloodHound interface:
Blog
From specterops.io