Published inPosts By SpecterOps Team MembersEntra Connect Attacker Tradecraft: Part 2Now that we know how to add credentials to an on-premises user, lets pose a question:Jan 22Jan 22
Published inPosts By SpecterOps Team MembersAttacking Entra Metaverse: Part 1This is part one in a two (maybe three…) part series regarding attacker tradecraft around the syncing mechanics between Active Directory…Dec 13, 2024Dec 13, 2024
Published inPosts By SpecterOps Team MembersAn AWS Administrator Identity Crisis: Part 1BLUF: Every attack path needs a destination. This is a formalized way of describing destinations in AWS. In cloud providers where we only…Jun 28, 2024Jun 28, 2024
Published inPosts By SpecterOps Team MembersI’d TAP That PassA better way to attack Azure AD with temporary access passesMar 29, 2023Mar 29, 2023
Published inPosts By SpecterOps Team MembersAWS ReadOnlyAccess: Not Even OnceA story of too much access and a false sense of security.Aug 27, 20215Aug 27, 20215
Published inPosts By SpecterOps Team MembersUpdates to Ghostwriter: UI and Operation LogsAutomating the stuff that drives operators nutsSep 30, 2020Sep 30, 2020
Published inPosts By SpecterOps Team MembersPersistent AWS access with role chain jugglingMaintaining access in AWS with temporary credentials.Jul 16, 2020Jul 16, 2020