If you're attending REcon later this month, you don't want to miss Evan McBroom's deep dive into LSA credential recovery. Learn the real feasibility & limitations of memory scanning + logical abuse techniques on newer Windows releases. ghst.ly/4kSDWnR

Most orgs assume they've implemented least privilege, but assumptions don't stop attackers. Justin Kohler explains how Privilege Zones in BloodHound Enterprise lets you define & analyze security boundaries to stop lateral movement in hybrid environments. ghst.ly/4n5Pc28

Coming to #OffensiveX TOMORROW: Lee Chagolla-Christensen & Will Schroeder will present on Nemesis 2.0, a complete reimagining of offensive file analysis and enrichment that functions as an "offensive VirusTotal." Don't miss it! ▶️ offensivex.org

Ready to level up your red team game? Our RTO training teaches advanced TTPs from real-world breaches. Design resilient C2 infrastructure, operate covertly, and adapt against live defenders in enterprise-grade labs. Join the course at #BHUSA! ghst.ly/rto-bhusa25

Introducing the BloodHound Query Library! 📚 Martin Sohn & Joey Dreijer explore the new collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem. ghst.ly/4jTgRQQ

📈 Ready to level up your offensive skills? Our Identity-driven Offensive Tradecraft course covers on-prem to cloud pivoting, tenant hopping, & exploiting complex auth mechanisms. Walk away w/ practical techniques for real-world engagements. Register ➡️ ghst.ly/training-eu-25

Right in the middle of our day at #OffensiveX2025, we welcomed on stage, Will Schroeder (@Harmj0y) & Lee Chagolla-Christensen (Lee Chagolla-Christensen) both members of the SpecterOps R&D team, to talk about "Nemesis 2.0: Building an Offensive VirusTotal!" #OffensiveX #CyberSecurity #RedTeam

Get the scoop on the incoming Administrator Protection for Windows 11. Adam Chester 🏴‍☠️ covers the architecture, access controls, and why some legacy UAC bypass techniques remain effective in his latest blog post. ⤵️ ghst.ly/44mw5JM

Ghostwriter v6's new collaborative editing feature is 🔥 Alex Parrill & ʎppɐɯɔ discuss the new real-time collaborative editing for observations, findings, & report fields, enabling multiple users to edit simultaneously without overwriting each other. ghst.ly/4jVqdvG

BloodHound Enterprise continuously maps attack paths & identifies choke points across AD, Entra & hybrid environments. Now with Privilege Zones, orgs can create custom security boundaries around HIPAA data, PCI-DSS systems, code repos & more. MSSP Alert ghst.ly/4liUt4R

#Juneteeth represents an important moment in our nation's history and the ongoing journey toward equality and justice for all.

Potato exploits have been a cornerstone of local priv esc on Windows for years, but how & why do the inner starchy workings of the potatoes function? Join Max Andreacchi next week to understand Windows access tokens & their use in the Windows environment. ghst.ly/june-web-tw

LLMs can expedite parts of the writing/editing process, but still require human oversight & guidance to provide accurate & helpful responses. Read more from Sarah Miles' experiments using LLMs from the perspective of a technical writer: ghst.ly/4ntY2aj

We are excited to sponsor BSides San Antonio / BSidesSATX, happening tomorrow in San Antonio! Stop by our table and chat with the team about SpecterOps, BloodHound Enterprise, and our suite of open source tools.

Our team is at #BSidesSATX today! Stop by to say hi and learn about the trainings and tools that we offer.

Don't miss Joshua Prager's talk today at #BSidesSATX! Join and hear about detection guidance, attack telemetry analysis, & defensive strategies to catch configuration manager abuse before it's too late.