Operator at SpecterOps. Opinion is my own.

Joined January 2018
I'm happy to release Apollo today - a .NET implant for Windows using Mythic. @its_a_feature_ + I have worked hard on both the client+server side to implement a large suite of features including SOCKS. Read more: posts.specterops.io/sharing-… Agent Source: github.com/MythicAgents/Apol…
Dwight Hohnstein retweeted
I was looking at some old slides and had forgotten I made a stack explanation with cat loafs.
Dwight Hohnstein retweeted
Introducing Brute Ratel C4 #BRC4 - A highly customizable #C2 framework. You can find a full list of features here > bruteratel.com/tabs/features… And a bonus rant of how #BRC4 🦡 came into existence >>> bruteratel.com/
Dwight Hohnstein retweeted
Evening mini tool release time! 7kB PIC blob to bypass AV/EDR UM hooks using Section Remapping, designed to be used with loaders, can be used to protect spawned sacrificial processes Tool + Writeup: github.com/slaeryan/AQUARMOU…
Dwight Hohnstein retweeted
New blog post discussing approaches to evasion that use less anecdotal evidence (technique X worked against Y) to one which uses observed agent capabilities to determine OPSEC-safe techniques. posts.specterops.io/adventur… 1/5
Dwight Hohnstein retweeted
New blog post is up looking at how .NET DLL exports work behind the scenes, and how we can use the portal created to invoke managed code. blog.xpnsec.com/the-net-expo…