Get an introduction to the HardHat C2 framework. Check out DragoQCC's #BHUSA booth presentation. ➡️ ghst.ly/3Q3UTy3 Get HardHat today: github.com/DragoQCC/HardH…

💡 WHAT IS PURPLE TEAMING AT SPECTEROPS? SpecterOps recently introduced our Purple Team service offering, but what is it? We define it as "the evaluation of security control efficacy through atomic testing using deliberately selected test cases." ghst.ly/3EUVRHB

Alpha 0.3 of HardHat C2 is out, another giant update with around 16k additions & 6k deletions. Includes a ton of bug fixes and new features. Check out the full changelog here docs.hardhat-c2.net/changelog/alph… and try it out here github.com/DragoQCC/HardH…

The HardHat Toolbox is finally ready github.com/HardHatToolbox. It contains Rivet, a demo Asset (Implant) written in Rust, along with the Asset Development repo, which contains detailed step-by-step guides and templates to help get you started on writing custom Assets for HardHat.

I fixed some things in SharpSCCM. On Rasta Mouse 's suggestion, it's using dnMerge and the exe is ~1MB now. Still working on getting it under the beacon default task size. Code also reflects the correct SCCM site system roles now, so -mp option is now -sms in a lot of cases🧵

Have you used a web shell on an offensive assessment recently? Were you able to task and create it through your C2 framework? I'm excited to announce the new Arachne agent for Mythic that allows you to do just that! Check it out posts.specterops.io/spinning-webs-…

I’ve used a lot of Adam’s work throughout the years, and now I actually get to work with him! So excited for him to join the team!

List is complete😂 Thanks to all who joined live! I had a blast, and I hope you all did too🥳 Next week, same time, I'm apparently doing an EDR tier list... 🤡If u missed it, VOD is here: youtu.be/iYKItfBbPoY

My first talk finally landed on YouTube from SpecterOps #socon24, looking forward to doing it again on a new topic (but can’t bring myself to watch it back 😂) youtu.be/SoTHxMrsXrs?si…

What's better than seeing Attack Paths from Active Directory to Azure and back down? Seeing them in dark mode. Check out the new release!

I've published my draft open source C2 specification. github.com/rasta-mouse/OS… All comments and discussions welcome.

Just wrapped up DEF CON Demo Labs and published Maestro, a new tool for lateral movement with Intune from C2. Thanks to everyone who came to check it out! I'll be posting a blog and wiki with more info soon, but here's the code and link to today's slides: github.com/Mayyhem/Maestro

I recently released a Discriminated Union like result type library for .NET github.com/DragoQCC/Union… Some of its key features are - Set up to 16 different return types - Capture custom errors and exceptions - Safely invoke methods without try-catch #Dotnet #csharp #opensource

I wrote a blog post about some of the intangible benefits of working as a red team operator and adversary simulation consultant at SpecterOps. It's pretty awesome here. And we're hiring! posts.specterops.io/life-at-specte…

Want to generate cleaner, more efficient code with Source Generators? DragoQCC covers the essentials, how to solve common problems, and logging tips in our new blog post. Read more ⤵️ ghst.ly/3N6Vxth

Check out my recent blog post on the new incremental Dotnet source generators. It covers the basics of getting started, a breakdown of common Roslyn terminology, and logging issues as they come up. posts.specterops.io/dotnet-source-… #dotnet #SoftwareDevelopment #csharp

Is Kerberos relaying so limited? I'd say no, thanks to James Forshaw CredMarshalTargetInfo trick. In this case, I'm relaying SMB to HTTP (ADCS) with a modified version of Cube0x0 krbrelay using DFSCoerce and PetitPotam - classic ESC8 attack with Kerberos, no DCOM involved ;)

New tool published which is proving to be useful. Cred1py allows execution of the CRED-1 SCCM attack published by Christopher Panayi over SOCKS5 UDP by wrapping the awesome PxeThiefy.py from Carsten. Enjoy :) github.com/SpecterOps/cre…

Oh man, when your POC ends up in LWiS even though it's dropped same day! You guys are doing amazing work Bad Sector Labs blog.badsectorlabs.com