Joined March 2011
- Tweets 5,447
- Following 1,534
- Followers 36,112
- Likes 5,259
737 Photos and videos
Andy Robbins retweeted
Jan 13
My SCCM BloodHound OpenGraph collector, ConfigManBearPig, is finally ready to share! It can enumerate all of the relay TAKEOVERs and a few CRED and ELEVATE techniques from Misconfiguration Manager with just a domain account. Let me know what you find! specterops.io/blog/2026/01/1…
5
75
179
14,860
Andy Robbins retweeted
2 Dec 2025
Stack spoofing isn’t dead.
Hear from @klezvirus at #BHEU on how modern detection still breaks, and unveils the first CET-compliant stack spoofing framework.
Learn more ➡️ ghst.ly/4izmuou
2
21
45
5,458
Andy Robbins retweeted
3 Dec 2025
3 Dec 2025
SCOM monitors critical systems, but insecure defaults make it a powerful attack vector.
At #BHEU, @unsigned_sh0rt & @breakfix show how to abuse SCOM for credential theft, lateral movement, and domain escalation, plus how to defend it. ghst.ly/4aoggph
3
41
132
18,998
Andy Robbins retweeted
3 Dec 2025
SCOM monitors critical systems, but insecure defaults make it a powerful attack vector.
At #BHEU, @unsigned_sh0rt & @breakfix show how to abuse SCOM for credential theft, lateral movement, and domain escalation, plus how to defend it. ghst.ly/4aoggph
31
73
25,126
Andy Robbins retweeted
26 Nov 2025
Just in time for the holidays, I wanted to share something that a lot of people have asked for: youtube.com/playlist?list=PL…
Short videos about Mythic development and customizations. This is just the start - I'll release a survey soon that'll get feedback for the next batch :)
1
17
45
5,543
Andy Robbins retweeted
23 Oct 2025
Credential Guard was supposed to end credential dumping. It didn't.
@bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled.
Read for more ⤵️ ghst.ly/4qtl2rm
11
336
738
137,093
Andy Robbins retweeted
20 Oct 2025
In this post @_wald0 introduces PingOneHound, a BloodHound OpenGraph extension that allows users to visualize, audit, and remediate attack paths in their PingOne environment. The blog post also serves as an introduction to the PingOne architecture.
specterops.io/blog/2025/10/2…
24
51
7,968
Andy Robbins retweeted
4 Sep 2025
BloodHound isn't just for Active Directory anymore. 🤯
@SadProcessor dives into the BloodHound OpenGraph functionality & demonstrates the new PowerShell cmdlets added to the BloodHound Operator module to work with the OpenGraph feature. ghst.ly/4peTTrB
1
22
76
6,436
Andy Robbins retweeted
3 Sep 2025
ICYMI: BloodHound OpenGraph, introduced with BloodHound v8.0, allows you to map attack paths across your entire tech stack. @JustinKohler10 & @_wald0 recently joined @_JohnHammond to discuss the new feature and share a demo.
Watch the conversation 👉 ghst.ly/4fNZLDM
3
16
3,112
27 Aug 2025
🚨 New #BloodHound shirt alert 🚨
✅ - Unisex and ladies sizes available
✅ - Cool design :)
✅ - ALL profits go to charity:
Hope for HIE, which supports families suffering the effects of hypoxic ischemic encephalopathy
Get your shirt here: ghst.ly/bh8-tshirt
1
11
21
5,082
Andy Robbins retweeted
25 Aug 2025
We are back with our BloodHound t-shirt fundraiser! 🙌
Grab your BloodHound 8.0 shirt today. All funds raised will go directly to @HopeforHIE, the global voice for families affected by Hypoxic Ischemic Encephalopathy.
👕: ghst.ly/bh8-tshirt
12
33
7,118
Andy Robbins retweeted
13 Aug 2025
Check out my new blog on nested app authentication and brokered authentication.
13 Aug 2025
Why should Microsoft's Nested App Authentication (NAA) should be on your security team's radar? @Icemoonhsv breaks down NAA and shows how attackers can pivot between Azure resources using brokered authentication. ghst.ly/45h2Zw3
2
17
41
12,843
Dear fellow pentesters & red teamers,
How often do you run into a vCenter in your client’s environment? 🖥️
I just built one for vCenter - meet vCenterHound 🐾😉
This is just the beginning… more collectors and surprises are on the way.
#Pentesting #RedTeam #BloodHound #vCenter
1
39
157
9,717
Andy Robbins retweeted
4 Aug 2025
This post about MSSQLHound, a PowerShell collector that adds 7 new nodes and 37 new edges to BloodHound, details my experience and lessons learned designing and implementing the tool using OpenGraph and provides examples of how to research and discover MSSQL attack paths.
4 Aug 2025
MSSQLHound leverages BloodHound's OpenGraph to visualize MSSQL attack paths with 7 new nodes & 37 new edges, all without touching the SharpHound & BloodHound codebases.
@_Mayyhem unpacks this new feature in his blog post. 👇 ghst.ly/4leRFFn
30
94
8,015
Andy Robbins retweeted
4 Aug 2025
MSSQL support just landed in BloodHound! You can now map out how attackers might use SQL servers to move laterally. This is incredibly useful in hybrid and legacy heavy environments. Let us know what you find.
Learn more ➡️ ghst.ly/MSSQLHound
1
20
64
4,574
Andy Robbins retweeted
4 Aug 2025
MSSQLHound leverages BloodHound's OpenGraph to visualize MSSQL attack paths with 7 new nodes & 37 new edges, all without touching the SharpHound & BloodHound codebases.
@_Mayyhem unpacks this new feature in his blog post. 👇 ghst.ly/4leRFFn
2
52
134
16,268
Andy Robbins retweeted
1 Aug 2025
More on BH OpenGraph: Ran into some issues when attempting to map objects collected with partial info back to existing BH objects. Built out a small tool that allows for connecting objects in a more flexible manner: github.com/G0ldenGunSec/Open…
1
24
59
6,235
1 Aug 2025
In this blog post I explain the fundamental building blocks, vocabulary, and principles of attack graph design for BloodHound: specterops.io/blog/2025/08/0…
1
42
95
8,855
Andy Robbins retweeted
30 Jul 2025
Entra Connect sync accounts can be exploited to hijack device userCertificate properties, enabling device impersonation and conditional access bypass.
@hotnops explores cross-domain compromise tradecraft within the same tenant.
Read more ⤵️ ghst.ly/3ISMGN9
2
58
116
9,314
Andy Robbins retweeted
29 Jul 2025
I'm SO hyped to finally make MSSQLHound public! It's a new BloodHound collector that adds 37 new edges and 7 new nodes for MSSQL attack paths using the new OpenGraph feature for 8.0!. Let me know what you find with it!
- github.com/SpecterOps/MSSQLH…
- specterops.io/blog/2025/07/2…
7
215
628
39,991