SpecterOps

@SpecterOps

Know Your Adversary - Adversary Simulation | Detection | Resilience

specterops.io
Joined January 2017
7 Photos and videos Photos and videos

Tweets

You blocked @SpecterOps

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @SpecterOps

  1. 19 hours ago

    Another instance where encourages us to rethink our views on digital signature validation.

    92 retweets 156 likes
  2. Retweeted
    22 hours ago

    How sure are you that "(Verified) Microsoft Windows" refers to a program that actually originates from Microsoft? Code Signing Certificate Cloning Attacks and Defenses

    2 replies 192 retweets 330 likes
  3. Dec 20

    Love that!

    Shout out to the crew for making AD ACLs quickly enumerable. Used them today to add a low privileged compromised user to "Group A", "Group A" members had permissions to add to Domain Admins.
    5 retweets 14 likes
  4. Retweeted
    Dec 19

    We've open sourced our framework for developing alerting and detection strategies for incident response. We have also included several internal strategies as examples to spur greater sharing and collaboration with defenders.

    10 replies 245 retweets 456 likes
  5. Retweeted
    Dec 15

    Are you really ready for ? What does your data look like? Data Availability != Data Quality

    3 replies 122 retweets 197 likes
  6. Dec 14

    Our CEO, , will be on a panel today discussing this year’s big lessons learned and recommendations for breach prevention in the new year with , , Ashton Mozano, and Jon Green . Tune in at 1pm Eastern

    4 retweets 11 likes
  7. Dec 12

    Our February training offering of Adversary Tactics: Red Team Operations is officially sold out. Waitlist is available. More course offerings to be announced shortly.

    6 replies 12 retweets 28 likes
  8. Retweeted
    Dec 11

    Cobalt Strike 3.10 – Хакер vs. 肉雞

    6 replies 98 retweets 154 likes
  9. Retweeted
    Dec 9

    some cover arts from the article: Deathstar from Armitage from Bloodhound from

    3 replies 8 retweets 27 likes
    Show this thread
    Show this thread
  10. Dec 7

    Happening now! "A Process is No One: Hunting for Token Manipulation" by and in Room A.

    12 retweets 21 likes
  11. Dec 7

    Good morning ! Catch and in Room A in 15 minutes! "A Process is No One: Hunting for Token Manipulation" More information here:

    4 retweets 12 likes
  12. Retweeted
    Dec 6

    We're ready for you ! Our workshop starts in 45 minutes!

    1 reply 11 retweets 23 likes
  13. Retweeted
    Dec 5

    Tomorrow in - our next hands-on Workshop! Join from & from Endgame as they demystify the art of threat hunting. BONUS: it's free! Save your seat:

    2 replies 8 retweets 10 likes
  14. Dec 5

    If you're attending , don't miss the Arsenal demos of our Automated Collection & Enrichment (ACE) platform at with and tomorrow (12/6) from 10:00 - 11.35 at Station 1

    3 replies 8 retweets 14 likes
  15. Dec 5

    Check out the new post from our on building covert red team attack infrastructures

    117 retweets 145 likes
  16. Retweeted
    Dec 3

    As a red teamer, if you ever have the opportunity to work a threat hunting or IR engagement, you should jump at the opportunity! You will be humbled by the challenges defenders deal with at scale and you will gain valuable insight into how they baseline normal and triage alerts.

    19 replies 139 retweets 445 likes
  17. Retweeted
    Dec 1

    Atomic Sysmon configs individually mapped to the ATT&CK Matrix anyone? is on fire! All this now requires is a little code to enable selective merging of technique detections. Detection unit testing FTW! /cc

    9 replies 330 retweets 558 likes
  18. Nov 30

    Thank you for the kind words as well. Most of us do enjoy a good pizza, so we may take you up on that. :)

    Some excellent whitepapers on Windows Sec, and some of the best offensive/defensive learning libraries on github. well done mates. Sound work. This is college teaching material worthy.
    Show this thread
    1 retweet 9 likes
  19. Nov 30

    Thank you ! You are too kind.

    Worked with and the guys on a recent project. These guys are good and brought extra value to our customer.
    1 like
  20. Retweeted
    Nov 29

    's FIRST officially selected talk came from none other than & who will also kick off our special Active Directory Track

    2 replies 12 retweets 25 likes

@SpecterOps hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·