
Andrew Chiles
@AndrewChiles
Followers: 2K | Following: 2K | Media: 20 | Statuses: 1K
Works @ SpecterOps, Red Teamer, Amateur Photographer, Health Nut, Husband, Father, #wreckingball
Huntsville, AL
Joined March 2009
BloodHound isn't just for Active Directory anymore. 🤯 @SadProcessor dives into the BloodHound OpenGraph functionality & demonstrates the new PowerShell cmdlets added to the BloodHound Operator module to work with the OpenGraph feature.
specterops.io
A Technical Dive Into BloodHound OpenGraph With BloodHound Operator & Master Yoda… TL;DR: The latest version of BloodHound introduces BloodHound OpenGraph. This new feature allows for ingestion of...
Lots of tooling around the new BloodHound "OpenGraph" standard this week including vCenterHound from @m0rd4vid and the bhopengraph library from @podalirius_. https://t.co/DhuPbkh4LM
blog.badsectorlabs.com
WebClient deep dive (@0xthirteen), 2x RCE chains in Commvault (@chudyPB), how to rob a hotel (@dmcxblue), MSI patch/protocol handler RCE (@johnnyspandex), self-relaying (@_logangoins), and more!
Join our webinar, happening next Thursday, and get a full breakdown of the report from authors @jaredcatkinson, @AndrewChiles, and @elad_shamir. Register at https://t.co/ptlsSuhfbx
if you want to train a model yourself with GRPO: 1. find a verifiable task: https://t.co/bergh3xuBi 2. add a new reward function to open-r1:
github.com
Fully open reproduction of DeepSeek-R1. Contribute to huggingface/open-r1 development by creating an account on GitHub.
We are breaking down our State of Attack Path Management report. Join @jaredcatkinson, @AndrewChiles, & @elad_shamir as they discuss some key takeaways from the report to help you understand & address attack paths before they're exploited. Register 👉 https://t.co/ptlsSugHlZ
The AD CS security landscape keeps evolving, and so does our tooling. 🛠️ @bytewreck drops info on Certify 2.0, including a suite of new capabilities and refined usability improvements.
specterops.io
Certify 2.0 features a suite of new capabilities and usability enhancements. This blog post introduces changes and feature additions.
We're at BlackHat USA. At 1.30 PM our Outflank researcher @kyleavery_ will present his work on how he trained a 7B parameter LLM to defeat Microsoft Defender for Endpoint. An accompanying blog post will go out later today and we'll release the model on Hugging Face. Stay tuned!
During my #BHUSA talk I've released many ETW research tools, of which the most notable is BamboozlEDR. This tool allows you to inject events into ETW, allowing you to generate fake alerts and blind EDRs. https://t.co/Gnz0ssUXYN Slides available here: https://t.co/2zhhBe83Df
github.com
My conference presentations. Contribute to olafhartong/Presentations development by creating an account on GitHub.
MSSQLHound leverages BloodHound's OpenGraph to visualize MSSQL attack paths with 7 new nodes & 37 new edges, all without touching the SharpHound & BloodHound codebases. @_Mayyhem unpacks this new feature in his blog post. 👇
specterops.io
TL;DR MSSQLHound is a standalone PowerShell collector that adds 7 new nodes and 37 new MSSQL attack path edges to BloodHound using the new OpenGraph feature that was released in version 8.0. This...
BloodHound OpenGraph makes adding nodes and edges simple, but building effective attack graph models? That's where the real work begins. @_wald0 breaks down the theory, best practices, and requirements you need to know. https://t.co/N5qrfkZIHP
specterops.io
TL;DR OpenGraph makes it easy to add new nodes and edges into BloodHound, but doesn’t design your data model for you. This blog post has everything you need to get started with proper attack graph...
New blog! Here's our case study on using LLMs for accelerating offensive R&D. Our post details how we used Large Language Models to identify and exploit trapped COM objects. Next week at BlackHat we'll drop even hotter stuff on offensive AI research. 🔥 https://t.co/PFKGjc4sVX
outflank.nl
By leveraging AI as a research accelerator, we can dedicate more time to refining, testing, and hardening the techniques that ultimately make it into OST.
Entra Connect sync accounts can be exploited to hijack device userCertificate properties, enabling device impersonation and conditional access bypass. @hotnops explores cross-domain compromise tradecraft within the same tenant. Read more ⤵️
specterops.io
How Entra Connect and Intune can be abused via userCertificate hijacking to bypass conditional access and compromise hybrid domains
I'm SO hyped to finally make MSSQLHound public! It's a new BloodHound collector that adds 37 new edges and 7 new nodes for MSSQL attack paths using the new OpenGraph feature for 8.0! Let me know what you find with it! - https://t.co/Hh089SaVOS - https://t.co/geO0HXTykf
Is that attack paths in #1Password via #BloodHound? Learn more about the future of Attack Path Management and BloodHound 8.0 this Thursday: https://t.co/wiVi18Udbp
The industry recommendation for DPAPI backup key compromise remediation is to destroy and rebuild the environment. @sou_predictable explores why this is the current industry guidance.
specterops.io
Industry guidance for DPAPI backup key compromise remediation is drastic. Let's explore why.
Looks like BloodHound has picked up the scent of something new :) Join us Thursday to see where the trail leads.
Big updates are coming to BloodHound! Join our webinar July 31 to hear from @JustinKohler10, @StephenHinck, @_wald0 & @jaredcatkinson on some of the new features the team is rolling out. Register ▶️ https://t.co/1JNp4vwTHL
Cloudflare CEO @eastdakota is having the most honest conversations I've come across about the current & future of content creation "6 months ago, 75% of queries to Google get answered on Google. Which means if you're an original content creator, your content is getting
If you’re in media, this is worth a watch. Cloudflare handles ≈20% of global traffic, so when CEO Matthew Prince warns at Cannes that AI bots are reshaping the web, publishers need to adapt or risk being left behind.
Last two weeks I talked about BYO Identity Providers in Entra ID and backdoors to External Auth Methods to bypass MFA. Only possible because MSFT doesn't implement the mandatory OIDC security measures. Slides with optional dark mode on:
dirkjanm.io
LLMs can expedite parts of the writing/editing process, but still require human oversight & guidance to provide accurate & helpful responses. Read more from Sarah Miles' experiments using LLMs from the perspective of a technical writer: https://t.co/pu6mCGnTQG
Introducing the BloodHound Query Library! 📚 @martinsohndk & @joeydreijer explore the new collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem.
specterops.io
The BloodHound Query Library is a community-driven collection of BloodHound Cypher available at https://queries.specterops.io