In August of last year, @tifkin_ , @0xdab0 , and I released Nemesis , our offensive data enrichment platform. After lots of feedback, operational testing, hundreds of commits, and another solid ...
Thank you to SpecterOps for supporting this research, to Elad for helping draft this blog, and to Sarah , Daniel , and Adam for proofreading and editing! Crossposted on GitHub . What follow...
TL;DR: I WROTE A SCRIPT TO IDENTIFY EVERY TAKEOVER AND ELEVATE ATTACK IN MISCONFIGURATION MANAGER. Ever since Garrett Foster , Duane Michael , and I released Misconfiguration Manager at SO-CON...
Let’s dive into what makes this so exciting! There’s so much to cover that we won’t be offended if you want to look at the CHANGELOG for a quick synopsis. INTRODUCING CUSTOMIZABLE FIELDS...
https://posts.specterops.io/ghostwriter-v4-1-the-custom-fields-update-fe07f7dda293
Written by Zach Stein & Duane Michael SPECTEROPS HACKATHON Back in January, SpecterOps held our annual hackathon event, loosely based on Atlassian’s “FedEx Day” (now called “ShipIt ...
https://posts.specterops.io/getting-intune-with-bugs-and-tokens-a-journey-through-epm-013b431e7f49
How MS Exchange on-premises compromises Active Directory and what organizations can do to prevent that. At SpecterOps, we recommend our customers establish a security boundary around their mos...
https://posts.specterops.io/pwned-by-the-mail-carrier-0750edfad43b
I hope I’m Not Too Late With the explosion of large language model (LLM) use, everyone is rushing to apply LLMs to their specific industry and it’s the same for information security . Whi...
https://posts.specterops.io/summoning-ragnarok-with-your-nemesis-7c4f0577c93b
Zugspitze, Bavaria, Germany. Photo by Andrew Chiles Did you know that it is possible to perform every step in Entra’s OAuth 2.0 Device Code flow — including the user authentication ste...
https://posts.specterops.io/browserless-entra-device-code-flow-0802f3bbb91a
TL;DR: Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance. We’re also presenting this...
https://posts.specterops.io/misconfiguration-manager-overlooked-and-overprivileged-70983b8f350d
Ever since SpecterOps first launched BloodHound Enterprise (BHE) in July 2021, one of our team’s biggest frustrations involved a lack of FedRAMP qualifications, which prevented us from supporti...
https://posts.specterops.io/final-steps-to-bloodhound-federal-fedramp-high-compliance-8475c6aee8c9