Jared Atkinson

💡 WHAT IS PURPLE TEAMING AT SPECTEROPS? SpecterOps recently introduced our Purple Team service offering, but what is it? We define it as "the evaluation of security control efficacy through atomic testing using deliberately selected test cases." ghst.ly/3EUVRHB

What do hundreds of incident response engagements reveal? Identity is the battleground. ⚔️ Steve Elovitz from @Unit42_Intel joins #KnowYourAdversary to break down how attacks unfold, from phishing to privilege escalation to SaaS expansion. 🎧: ghst.ly/4uFeMie

GitHub isn’t just a code platform anymore. It’s a security boundary. New from @jaredcatkinson: how GitHub creates real attack paths into repos, secrets, CI/CD, and even cloud environments. Read more: ghst.ly/4cU3QHd

BloodHound Enterprise is expanding. New OpenGraph extensions now uncover identity attack paths across Okta, GitHub, and Jamf-managed macOS—connecting identities, repositories, and endpoints across hybrid environments. ghst.ly/3N7X7yY 🧵: 1/3

Can AI agents conduct advanced cyber-attacks autonomously? We tested seven models released between August 2024 and February 2026 on two custom-built cyber ranges designed to replicate complex attack environments. Here’s what we found🧵

Releasing PrivHound — Bloodhound collector to model Windows local Privilege Escalation as a graph. Still early — bugs and PRs welcome. github.com/dazzyddos/Priv…

Check out GoLinHound: - Discovers Linux & SSH attack paths - Outputs OpenGraph JSON for BloodHound ingestion - Integrates with SharpHound and AzureHound data to unveil cross-technology attack paths github.com/RantaSec/golin…

Incredibly proud of the team over here at @HuntressLabs as we announce a new really cool feature in our EDR - the “Attack Disruption Engine”. This new capability allows us to identify threats quicker on the endpoint and change response time from minutes to seconds. Full blog: huntress.com/blog/disruptin…

Identity risk isn’t just about who has access. It’s about how access connects. @jaredcatkinson dives into how Attack Path Management reframes modern security strategy in his article for @IdentityWeek_ID. ghst.ly/4txClZI

Introducing BloodHound Scentry: Accelerating Attack Path Management Join Duane Michael and Robby Winchester as they discuss BloodHound Scentry specterops.zoom.us/webinar/regist…

Seeing identity attack paths is one thing. Eliminating them safely is another. @ChannelInsider breaks down BloodHound Scentry and how it helps teams operationalize Identity APM faster. ⤵️ ghst.ly/3OioUg2

Introducing BloodHound Scentry: BloodHound Enterprise + SpecterOps experts working alongside your team to eliminate attack paths and accelerate APM. Level 0 → Level 3 maturity in ~6 months. Not theory. Tradecraft. 🎯 Learn more ➡️ ghst.ly/bhscentry-tw

Attackers don’t exploit one weakness. They chain many. ⛓️ Next week @JustinKohler10 will join @Cisco_Invests for a conversation on why AD and Entra ID attack paths drive the majority of breaches, and how to eliminate them at scale. Register 👉 ghst.ly/4598yMz

SCCM attack paths are messy until you can see them. 👀 ConfigManBearPig from @_Mayyhem extends BloodHound with SCCM nodes + edges using OpenGraph, plus queries to surface hierarchy takeovers and escalation paths. Check it out! ghst.ly/4svbcWO

My SCCM BloodHound OpenGraph collector, ConfigManBearPig, is finally ready to share! It can enumerate all of the relay TAKEOVERs and a few CRED and ELEVATE techniques from Misconfiguration Manager with just a domain account. Let me know what you find! specterops.io/blog/2026/01/1…

There are three principle ways that devastating compromises of identity security commonly happen in real world environments. And none of them are technically impressive. 1. A compromised account that should have only standard rights in fact has highly privileged rights. [cont.]

Decided to jump on the AI train... Today I'm releasing a blog/project called EventSight. A project that parses and analyzes EVTX files using Claude, with a feedback loop that makes it smarter over time for your specific environment. Learned a lot building this: RAG vs Agentic RAG, ICL, prompt balancing, and more. Blog: jonny-johnson.medium.com/rag-icl-and-wi… GitHub: github.com/jonny-jhnson/E…

@james9876545 @SpecterOps Nathan Tucker from @VirtueSecurity made an OpenGraph extension for AWS: github.com/VirtueSecurity…

@SpecterOps @jaredcatkinson What is the aws support?

BloodHound OpenGraph isn’t just about AD anymore. In his latest Risky Biz interview, @jaredcatkinson breaks down how OpenGraph now maps attack paths across GitHub, AWS, SaaS, CI/CD, and beyond, allowing defenders to see what attackers see. 🎧: ghst.ly/4aSxrPY

Ever wonder why we call them "Cmdlets" in PowerShell instead of just "Commands"? jsnover.com/blog/2025/12/1… #PowerShell

We’re excited to announce Kevin Mandia as the keynote speaker for #SOCON2026! 🎉 His keynote will focus on how the threat landscape has evolved in the face of modern adversary tradecraft. Secure your spot ➡️ ghst.ly/socon26-tw

2️⃣ Next, @Breakfix dives into the SCOM agent. This post uncovers how RunAs creds reach endpoints, how they’re recovered off-host, and how rogue enrollment exposes sensitive data. Plus: introducing SharpSCOM for automated RunAs recovery. ghst.ly/4iTmpfw 🧵: 2/2