#specterops — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #specterops, aggregated by home.social.
-
We at #BSides312 thank #SpecterOps for being a Gold level sponsor. We encourage you to check them out at https://specterops.io/ and visit their table at our even on May 16. Tickets are still available at https://bsides312.org/
#BSides -
We at #BSides312 thank #SpecterOps for being a Gold level sponsor. We encourage you to check them out at https://specterops.io/ and visit their table at our even on May 16. Tickets are still available at https://bsides312.org/
#BSides -
We at #BSides312 thank #SpecterOps for being a Gold level sponsor. We encourage you to check them out at https://specterops.io/ and visit their table at our even on May 16. Tickets are still available at https://bsides312.org/
#BSides -
Seems SO-CON is happening today, have fun people! And if you feel like being a speaker, check out cfptime.org cc @SpecterOps #SpecterOps
-
Seems SO-CON is happening today, have fun people! And if you feel like being a speaker, check out cfptime.org cc @SpecterOps #SpecterOps
-
Seems SO-CON is happening today, have fun people! And if you feel like being a speaker, check out cfptime.org cc @SpecterOps #SpecterOps
-
Seems SO-CON is happening today, have fun people! And if you feel like being a speaker, check out cfptime.org cc @SpecterOps #SpecterOps
-
Seems SO-CON is happening today, have fun people! And if you feel like being a speaker, check out cfptime.org cc @SpecterOps #SpecterOps
-
📢🔔 Just 1 more day to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more day to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more day to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more day to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more day to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more week to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more week to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more week to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 1 more week to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 2 more weeks to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 2 more weeks to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 2 more weeks to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 2 more weeks to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
📢🔔 Just 2 more weeks to submit your talk at SO-CON cc @SpecterOps! https://cfptime.org/cfps/3380/ #cfp #infosec #SpecterOps
-
🛠️ Tool
===================Executive summary: PingOneHound is an OpenGraph extension for BloodHound Community Edition and BloodHound Enterprise designed to discover, analyze, and help remediate identity-based attack paths inside PingOne organizations. The work was carried out by SpecterOps researchers using a Ping Identity–provided PingOne environment.
Technical details:
• Purpose: Map PingOne objects (organization, environments, users, groups, roles, applications) into a graph model consumable by BloodHound to reveal chains of authorization and authentication that can be abused.
• Primary mechanics: PingOne supports identity federation standards such as SAML and OIDC, enabling authentication from one system and authorization by another; these federated flows expand the potential attack surface across trust boundaries.
• Vocabulary modeled: organization (top level), environment (contains users/groups/roles/apps), the auto‑created Administrators environment, users, groups, and role assignments.Key features of PingOneHound:
• Graph ingestion of PingOne environment objects into BloodHound-compatible schemas.
• Identification of role assignment propagation rules and group membership behaviors that affect privilege paths.
• Visibility into federation‑driven paths that reach into or out of a PingOne instance.Implementation concepts:
• The extension maps PingOne API objects into nodes and relationships, preserving distinctions between direct group membership and nested group structures.
• The model encodes that role assignments are delegated only to direct group members; nested group membership does not confer those roles, and attribute‑based automatic group membership is blocked for groups that hold role assignments.Use cases:
• Red teaming and purple team exercises focused on identity abuse in cloud IdPs.
• Defender analysis to enumerate risky role assignments, overly broad group configurations, and federation trust paths.Limitations and considerations:
• Behavior modeled is constrained by PingOne configuration and API visibility; findings depend on the available object graph from the environment provided.
• The extension surfaces paths but does not by itself exploit them; operationalization requires complementary tools and context.🔹 PingOne #BloodHound #PingOneHound #SpecterOps #tool
🔗 Source: https://specterops.io/blog/2025/10/20/pingone-attack-paths/
-
Why ex-military professionals are a good fit for cybersecurity https://www.helpnetsecurity.com/2025/10/20/military-veterans-cybersecurity-careers/ #cybersecurityjobs #NTTDATAServices #cybersecurity #SpecterOps #Don'tmiss #strategy #News #tips
-
Why ex-military professionals are a good fit for cybersecurity https://www.helpnetsecurity.com/2025/10/20/military-veterans-cybersecurity-careers/ #cybersecurityjobs #NTTDATAServices #cybersecurity #SpecterOps #Don'tmiss #strategy #News #tips
-
Why ex-military professionals are a good fit for cybersecurity https://www.helpnetsecurity.com/2025/10/20/military-veterans-cybersecurity-careers/ #cybersecurityjobs #NTTDATAServices #cybersecurity #SpecterOps #Don'tmiss #strategy #News #tips
-
Why ex-military professionals are a good fit for cybersecurity https://www.helpnetsecurity.com/2025/10/20/military-veterans-cybersecurity-careers/ #cybersecurityjobs #NTTDATAServices #cybersecurity #SpecterOps #Don'tmiss #strategy #News #tips
-
LudusHound: Open-source tool brings BloodHound data to life https://www.helpnetsecurity.com/2025/08/20/ludushound-open-source-tool-bloodhound-data/ #cybersecurity #opensource #SpecterOps #Don'tmiss #software #redteam #GitHub #News
-
LudusHound: Open-source tool brings BloodHound data to life https://www.helpnetsecurity.com/2025/08/20/ludushound-open-source-tool-bloodhound-data/ #cybersecurity #opensource #SpecterOps #Don'tmiss #software #redteam #GitHub #News
-
LudusHound: Open-source tool brings BloodHound data to life https://www.helpnetsecurity.com/2025/08/20/ludushound-open-source-tool-bloodhound-data/ #cybersecurity #opensource #SpecterOps #Don'tmiss #software #redteam #GitHub #News
-
LudusHound: Open-source tool brings BloodHound data to life https://www.helpnetsecurity.com/2025/08/20/ludushound-open-source-tool-bloodhound-data/ #cybersecurity #opensource #SpecterOps #Don'tmiss #software #redteam #GitHub #News
-
Top solutions to watch after Black Hat USA 2025 https://www.helpnetsecurity.com/2025/08/07/top-solutions-to-watch-after-black-hat-usa-2025/ #BlackHatUSA2025 #ManifestCyber #conferences #SpecterOps #Darwinium #Cymulate #News #MIND
-
Top solutions to watch after Black Hat USA 2025 https://www.helpnetsecurity.com/2025/08/07/top-solutions-to-watch-after-black-hat-usa-2025/ #BlackHatUSA2025 #ManifestCyber #conferences #SpecterOps #Darwinium #Cymulate #News #MIND
-
Top solutions to watch after Black Hat USA 2025 https://www.helpnetsecurity.com/2025/08/07/top-solutions-to-watch-after-black-hat-usa-2025/ #BlackHatUSA2025 #ManifestCyber #conferences #SpecterOps #Darwinium #Cymulate #News #MIND
-
Top solutions to watch after Black Hat USA 2025 https://www.helpnetsecurity.com/2025/08/07/top-solutions-to-watch-after-black-hat-usa-2025/ #BlackHatUSA2025 #ManifestCyber #conferences #SpecterOps #Darwinium #Cymulate #News #MIND
-
BloodHound 8.0 debuts with major upgrades in attack path management https://www.helpnetsecurity.com/2025/08/05/bloodhound-8-0-open-source-attack-path-management-platform/ #MicrosoftEntraID #BlackHatUSA2025 #DuoSecurity #opensource #SpecterOps #Don'tmiss #software #GitHub #News
-
BloodHound 8.0 debuts with major upgrades in attack path management https://www.helpnetsecurity.com/2025/08/05/bloodhound-8-0-open-source-attack-path-management-platform/ #MicrosoftEntraID #BlackHatUSA2025 #DuoSecurity #opensource #SpecterOps #Don'tmiss #software #GitHub #News
-
BloodHound 8.0 debuts with major upgrades in attack path management https://www.helpnetsecurity.com/2025/08/05/bloodhound-8-0-open-source-attack-path-management-platform/ #MicrosoftEntraID #BlackHatUSA2025 #DuoSecurity #opensource #SpecterOps #Don'tmiss #software #GitHub #News
-
BloodHound 8.0 debuts with major upgrades in attack path management https://www.helpnetsecurity.com/2025/08/05/bloodhound-8-0-open-source-attack-path-management-platform/ #MicrosoftEntraID #BlackHatUSA2025 #DuoSecurity #opensource #SpecterOps #Don'tmiss #software #GitHub #News
-
Mapping Mayhem: Security’s Blind Spots in Identity Security – Source: securityboulevard.com https://ciso2ciso.com/mapping-mayhem-securitys-blind-spots-in-identity-security-source-securityboulevard-com/ #IdentityandAccessManagement #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityBoulevard #identitysecurity #SocialFacebook #SocialLinkedIn #SpecterOps #Spotlight #FEATURED #Security #SocialX #Okta
-
Mapping Mayhem: Security’s Blind Spots in Identity Security – Source: securityboulevard.com https://ciso2ciso.com/mapping-mayhem-securitys-blind-spots-in-identity-security-source-securityboulevard-com/ #IdentityandAccessManagement #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityBoulevard #identitysecurity #SocialFacebook #SocialLinkedIn #SpecterOps #Spotlight #FEATURED #Security #SocialX #Okta
-
Mapping Mayhem: Security’s Blind Spots in Identity Security – Source: securityboulevard.com https://ciso2ciso.com/mapping-mayhem-securitys-blind-spots-in-identity-security-source-securityboulevard-com/ #IdentityandAccessManagement #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityBoulevard #identitysecurity #SocialFacebook #SocialLinkedIn #SpecterOps #Spotlight #FEATURED #Security #SocialX #Okta
-
Mapping Mayhem: Security’s Blind Spots in Identity Security – Source: securityboulevard.com https://ciso2ciso.com/mapping-mayhem-securitys-blind-spots-in-identity-security-source-securityboulevard-com/ #IdentityandAccessManagement #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #CyberSecurityNews #SecurityBoulevard #identitysecurity #SocialFacebook #SocialLinkedIn #SpecterOps #Spotlight #FEATURED #Security #SocialX #Okta
-
Why CISOs should rethink identity risk through attack paths https://www.helpnetsecurity.com/2025/07/30/ciso-attack-path-management-apm/ #nonhumanidentities #BlackHatUSA2025 #cybersecurity #SpecterOps #Don'tmiss #strategy #report #survey #News #CISO #tips
-
Why CISOs should rethink identity risk through attack paths https://www.helpnetsecurity.com/2025/07/30/ciso-attack-path-management-apm/ #nonhumanidentities #BlackHatUSA2025 #cybersecurity #SpecterOps #Don'tmiss #strategy #report #survey #News #CISO #tips
-
Why CISOs should rethink identity risk through attack paths https://www.helpnetsecurity.com/2025/07/30/ciso-attack-path-management-apm/ #nonhumanidentities #BlackHatUSA2025 #cybersecurity #SpecterOps #Don'tmiss #strategy #report #survey #News #CISO #tips
-
Why CISOs should rethink identity risk through attack paths https://www.helpnetsecurity.com/2025/07/30/ciso-attack-path-management-apm/ #nonhumanidentities #BlackHatUSA2025 #cybersecurity #SpecterOps #Don'tmiss #strategy #report #survey #News #CISO #tips
-
NTLM relay attacks are back from the dead https://www.helpnetsecurity.com/2025/07/04/ntlm-relay-attacks/ #certificateauthority #Expertanalysis #authentication #cybersecurity #Expertcorner #SpecterOps #Don'tmiss #Microsoft #Hotstuff #attacks #opinion #servers #News
-
NTLM relay attacks are back from the dead https://www.helpnetsecurity.com/2025/07/04/ntlm-relay-attacks/ #certificateauthority #Expertanalysis #authentication #cybersecurity #Expertcorner #SpecterOps #Don'tmiss #Microsoft #Hotstuff #attacks #opinion #servers #News
-
NTLM relay attacks are back from the dead https://www.helpnetsecurity.com/2025/07/04/ntlm-relay-attacks/ #certificateauthority #Expertanalysis #authentication #cybersecurity #Expertcorner #SpecterOps #Don'tmiss #Microsoft #Hotstuff #attacks #opinion #servers #News