Red Team Archives

Centurion: Bring Your Own Execution Environment

Michelle Rhodes | June 9, 2026 | Centurion, LLM Development, Offensive Security, Red Team, security insights, Tools & Techniques, Virtualized Loader, Vulnerability Research, WasmForge

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one layer of ...

Offensive Security Blog: Latest Trends in Hacking | Praetorian

Adversarial Oracles: LLM-Guided EDR Signature Reduction

Michelle Rhodes | May 28, 2026 | adversarial, AI Security, Offensive Security, open source, Red Team, Static Analysis, Tools & Techniques

In previous blog posts we’ve talked about getting nerd sniped. Today we’re going to talk about a kind of nerd sniping that any offensive security tool creator is familiar with; when your ...

Offensive Security Blog: Latest Trends in Hacking | Praetorian

Your Login Page Is Lying: What AI Agents Find When They Read Your Frontend

Michelle Rhodes | May 13, 2026 | AI Security, Application Security, Attack Surface Management, Offensive Security, Red Team, security insights, Tools & Techniques, Vulnerability Research

TL;DR: Single-page applications ship their entire frontend codebase to every visitor, including unauthenticated ones. Even a login page with no visible functionality delivers JavaScript bundles containing route definitions, API endpoint URLs, authentication ...

Offensive Security Blog: Latest Trends in Hacking | Praetorian

Terminal showing Python script execution where AI refuses PowerPoint creation request, followed by thinking notes about the refusal

Which Came First: The System Prompt, or the RCE?

n8n-publisher | March 24, 2026 | AI agent security, AI Offensive Security, Augustus, code execution, LLM penetration testing, Offensive Security, prompt injection, Red Team, Vulnerability Research

During a recent penetration test, we came across an AI-powered desktop application that acted as a bridge between Claude (Opus 4.5) and a third-party asset management platform. The idea is simple: instead ...

Offensive Security Blog: Latest Trends in Hacking | Praetorian

Mapping the Unknown: Introducing Pius for Organizational Asset Discovery

n8n-publisher | March 13, 2026 | Attack Surface Management, Offensive Security, open source, Open Source Tools, Red Team, Tools & Techniques, Uncategorized

Asset discovery is an essential part of Praetorian’s service delivery process. When we are engaged to carry out continuous external penetration testing, one key action is to build and maintain a thorough ...

Offensive Security Blog: Latest Trends in Hacking | Praetorian

Red Teaming AI Systems: Why Traditional Security Testing Falls Short

Bar-El Tayouri | July 16, 2025 | AI, AppSec, Red Team, security

What if your AI-powered application leaked sensitive data, generated harmful content, or revealed internal instructions – and none of your security tools caught it? This isn’t hypothetical. It’s happening now and exposing ...

Security Boulevard

Update: Dumping Entra Connect Sync Credentials

hotnops | June 9, 2025 | Active Directory, attack-path-management, azure, Entra ID, Red Team

Recently, Microsoft changed the way the Entra Connect Connect Sync agent authenticates to Entra ID. These changes affect attacker tradecraft, as we can no longer export the sync account credentials; however, attackers ...

Posts By SpecterOps Team Members - Medium

Bugcrowd Launches Red Team Service to Test Cybersecurity Defenses

Michael Vizard | April 28, 2025 | 2025 RSA Conference, bugcrowd, Cybersecurity, Red Team

Bugcrowd today at the 2025 RSA Conference announced its intent to create a red team service to test cybersecurity defenses using a global network of ethical hackers. Alistair Greaves, director of red ...

Security Boulevard

The Renaissance of NTLM Relay Attacks: Everything You Need to Know

Elad Shamir | April 8, 2025 | Active Directory, BloodHound, ntlm relay, Red Team, research

NTLM relay attacks have been around for a long time. While many security practitioners think NTLM relay is a solved problem, or at least a not-so-severe one, it is, in fact, alive ...

Posts By SpecterOps Team Members - Medium

Forging a Better Operator Quality of Life

Cody Thomas | February 5, 2025 | open source, Red Team, red-team-tools, research

A new Mythic add-on for Windows AgentsMythic provides flexibility to agent developers for how they want to describe and execute techniques. While this is great, it also means that when operators hop from ...

Posts By SpecterOps Team Members - Medium

Red Team

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On