Attackers don’t exploit tools—they exploit identities. Learn how to defend where it matters. Join operators and defenders for one of our hands-on training courses at #SOCON2026.

In-person attendees also receive a free conference pass. Save your spot ➡️ https://ghst.ly/socon-2026

See your network shares the way attackers do. 👀

Meet ShareHound, an OpenGraph collector for BloodHound CE & Enterprise that reveals share-level attack paths at scale. @podalirius unpacks all the details in our latest blog post. https://ghst.ly/4ogiBqt

🕵️ Uncovering network attack paths with runZeroHound!

As of today you can feed your runZero asset inventory into @SpecterOps BloodHound v8. runZeroHound is an open source toolkit that brings your runZero asset data into BloodHound’s OpenGraph model to reveal real-world attack paths.

👉 @hdm breaks it down in his latest post: https://www.runzero.com/blog/introducing-runzerohound/

Credential Guard was supposed to end credential dumping. It didn't.

Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.

Read for more: https://ghst.ly/4qtl2rm

#SOCON2026 is where the global security community unites to push the boundaries of identity-first defense.

Got insights on attack paths, identity risks, or BloodHound OpenGraph? Submit your talk to our CFP before it closes Nov. 15 ➡️ https://ghst.ly/socon26-cfp

The CFP for #SOCON2026 is OPEN! 🙌

Have you been working on something interesting in Attack Path Management or identity-first defense? Join us in Arlington, VA (April 13–14) and share your work with the community.

Submit your talk by Nov. 15 → https://ghst.ly/socon26-cfp

Microsoft introduced nested application auth (NAA) in 2024. Researchers spotted FOCI similarities & dubbed it brokered client IDs (BroCI).

Hope Walker documents NAA flows and BroCI—filling a gap for research on Microsoft identity protocols. Read more: https://ghst.ly/3Jdhp7Z

Your strongest platform is only as secure as its weakest dependency. And you probably don't know what those are.

Jared Atkinson dives into the Clean Source Principle, hidden trust relationships, & why BloodHound OpenGraph changes the game. https://ghst.ly/4pYTtFU

Red teams slip past detection. Defenders adapt. The cycle continues. 🔄

John Wotton's latest on AI gated loaders shows how offensive operators are using LLMs to make shellcode execution context-aware, executing only when OPSEC policies are met. https://ghst.ly/4nvxsgh

Securing Domain Controllers without breaking AD is harder than it sounds. Michael Grafnetter at HIP Conference covers:

✅ IaC approach to Windows Firewall policy
✅ RPC filters & outbound traffic controls
✅ Hybrid environment challenges
✅ Network service discovery

Learn more: www.hipconf.com/agenda/

The only conference dedicated to Attack Path Management is back!

3 tracks. Real-world case studies. Hands-on BloodHound Quest lab. Join us at #SOCON2026 and advance your identity-first security strategy.

🎟️ Save your spot: http://specterops.io/so-con

🎙️ NEW PODCAST: #KnowYourAdversary

Jared Atkinson & Justin Kohler explore identity security from the attacker's perspective. Real stories, real tactics, real insights.

Check out our first three episodes now 👉 https://ghst.ly/kya-podcast

From military to cybersecurity — your next mission awaits. Join our upcoming Hack the Hiring Process webinar where veterans from our Consulting Services team share their experiences transitioning into roles in cybersecurity.

We're covering the essentials: resume strategies that work, timing your applications right, and what consultant life actually looks like day-to-day.

Join March Kulvanish, Lance Cain, Joshua Prager, Matthew Merrill, and Antero Guy next Thursday! Register at https://ghst.ly/sep-web-tw

We are back with our BloodHound t-shirt fundraiser! 🙌

Grab your BloodHound 8.0 shirt today. All funds raised will go directly to Hope for HIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy.

👕: https://ghst.ly/bh8-tshirt

📆 Save the date for #SOCON2026 in Arlington, VA! This next conference will be bigger than before with a new third talk track.

🧑‍🏫 Conference: April 13-14, 2026
💻 Training: April 15-18, 2026

Sign up now to receive updates → http://specterops.io/so-con

Big thanks to our channel partners @SpecterOps for their support with this video 💙 Map anything with the free and open-source BloodHound Community Edition, or defend your environment with Bloodhound Enterprise! https://jh.live/bloodhound

If you're attending #BHUSA next week, make sure to stop by booth 4527 for a demo of BloodHound v8.0 to see some of these features in action & learn how they can transform your identity risk management strategy.

https://ghst.ly/bhusa-25

Join us for the BloodHound v8.0 deep dive this Thursday!

Justin Kohler, Andy Robbins, Jared Atkinson, and Stephen Hinck will walk through all the new features & show you how to implement these updates in your environment.

Register at http://ghst.ly/july-web-tw

BloodHound v8.0 is here! 🎉

This update introduces BloodHound OpenGraph, revolutionizing Identity Attack Path Management by exposing attack paths throughout your entire tech stack, not just AD/Entra ID.

Also new in this update:

➡️ Microsoft PIM Support - View where Privileged Identity Management roles are in use and verify they're properly secured, ensuring PIM isn't hiding attack paths you thought were eliminated.
➡️ Powerful Integrations - ServiceNow for vulnerability tracking, DUO for enhanced authentication, plus full Kali Linux support for pen testers.
➡️ Enhanced Usability - New Table View, inheritance tracking, advanced back button functionality for seamless collaboration, and the BloodHound Query Library.

Read more from Justin Kohler: https://ghst.ly/bloodhoundv8

Dive into the world of machine learning! ⚙️

Kicking off his blog series, Diego Lomellini uses Micrograd to explain core ML concepts like supervised learning, regression, classification, loss functions, & gradient descent. https://ghst.ly/44n3IeJ