This is the third post in a series covering some of the thought processes and methodologies used when developing detections for offensive…

Abstract

I’ve been looking into Azure attack primitives over the past couple of months to gain a better understanding of how the system works, what…

There are countless blog posts specifically focusing on how different techniques work and recommending building detections, however, there…

Your new best friend: Introducing BloodHound Community Edition!

Written by: Jonathan Johnson and Matt Hand

Application Proxy Middleware for Session Stealing

Ghostwriter is a part of your team. It helps you manage clients, projects, reports, and infrastructure in one application.

Your new best friend: Introducing BloodHound Community Edition!

Your new best friend: Introducing BloodHound Community Edition!

The Australian Signals Directorate has hired American firm SpecterOps to train its agents as part of a strategy to strengthen its cyber incident response capacity. - 06/05/2021

As we’re continuing to approach our summer launch, many of you have asked us for a simple breakdown of BloodHound Enterprise vs BloodHound…

Table of Contents:

Screensavers for macOS Persistence

Explore lateral movement from Azure AD to on-prem AD using Microsoft Endpoint Manager. Learn how hybrid devices can be exploited for cross-domain attacks.

Active Directory Certificate Services has a lot of attack potential!

NTLM relay attacks have been around for a long time. While many security practitioners think NTLM relay is a solved problem, or at least a not-so-severe one, it is, in fact, alive and kicking and arguably worse than ever before. Relay attacks are the easiest…

It’s been almost a year since I published A Change of Mythic Proportions where Apfell was rebranded to Mythic. Since then, a lot has…

Ghostwriter is a part of your team. It helps you manage clients, projects, reports, and infrastructure in one application.

Your new best friend: Introducing BloodHound Community Edition!