Manual LDAP Querying: Part 2 2024-5-2 23:1:54 | 阅读: 6 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

ADCS Attack Paths in BloodHound — Part 2 2024-5-1 23:57:35 | 阅读: 6 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Nemesis 1.0.0 2024-4-26 02:28:18 | 阅读: 8 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

LSA Whisperer 2024-4-17 23:46:49 | 阅读: 4 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Rooting out Risky SCCM Configs with Misconfiguration Manager 2024-4-11 23:56:15 | 阅读: 5 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Ghostwriter v4.1: The Custom Fields Update 2024-4-6 01:29:2 | 阅读: 4 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Getting Intune with Bugs and Tokens: A Journey Through EPM 2024-4-2 23:37:29 | 阅读: 5 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Pwned by the Mail Carrier 2024-3-21 00:28:57 | 阅读: 6 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Summoning RAGnarok With Your Nemesis I hope I’m Not Too LateWith the explosion of large language model (LLM) use, everyone is rushing to... 2024-3-14 00:18:29 | 阅读: 15 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io nemesis llm embedding ragnarok reranker

Browserless Entra Device Code Flow 2024-3-6 23:17:26 | 阅读: 3 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io

Misconfiguration Manager: Overlooked and Overprivileged TL;DR: Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Ma... 2024-3-6 02:43:52 | 阅读: 11 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io sccm defensive coercion client

Final Steps to BloodHound Federal — FedRAMP High Compliance Ever since SpecterOps first launched BloodHound Enterprise (BHE) in July 2021, one of our team’s big... 2024-3-5 22:2:21 | 阅读: 11 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io fedramp palantir bhe compliant dod

ADCS ESC14 Abuse Technique The altSecurityIdentities attribute of Active Directory (AD) computers and users allows you to speci... 2024-2-29 04:1:16 | 阅读: 29 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io victim attacker extca01

SCCM Hierarchy Takeover with High Availability TL;DR: SCCM sites configured to support high availability can be abused to compromise the entire hie... 2024-2-22 04:12:45 | 阅读: 18 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io sccm 888 chris specter

The Most Dangerous Entra Role You’ve (Probably) Never Heard Of Entra ID has a built-in role called “Partner Tier2 Support” that enables escalation to Global Admin,... 2024-2-17 00:56:48 | 阅读: 9 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io entra tier2 assignments bloodhound assignment

ADCS ESC13 Abuse Technique It is possible to configure an Active Directory Certificate Services (ADCS) certificate template wit... 2024-2-15 01:13:17 | 阅读: 12 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io issuance dumpster esc13user esc13

Directory.ReadWrite.All Is Not As Powerful As You Might Think Directory.ReadWrite.All is an MS Graph permission that is frequently cited as granting high amounts... 2024-2-13 01:54:32 | 阅读: 10 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io sp6 security sp1 assignable bloodhound

Spinning Webs — Unveiling Arachne for Web Shell C2 A web shell is a payload that allows continued access to a remote system, just like other “shells” w... 2024-2-8 00:48:15 | 阅读: 9 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io mythic arachne tasking c2 taskdata

Microsoft Breach — How Can I See This In BloodHound? On January 25, 2024, Microsoft announced Russia’s foreign intelligence service (i.e., Sluzhba vneshn... 2024-2-3 05:56:8 | 阅读: 9 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io entra microsoft bloodhound tier

Microsoft Breach — What Happened? What Should Azure Admins Do? On January 25, 2024, Microsoft published a blog post that detailed their recent breach at the hands... 2024-2-3 05:32:0 | 阅读: 9 | 收藏 | Posts By SpecterOps Team Members - Medium - posts.specterops.io microsoft principals entra