Martin Sohn Christensen
@martinsohn.dk
Security Researcher @ SpecterOps
https://martinsohn.dk
https://martinsohn.dk
If you found the above cool, then check out @sadprocessor.bsky.social's much more comprehensive OpenGraph × Star Wars demo.
specterops.io/blog/2025/09...
specterops.io/blog/2025/09...
BloodHound Operator: The Six Degrees Of Master Yoda - SpecterOps
A Technical Dive Into BloodHound OpenGraph With BloodHound Operator & Master Yoda… TL;DR: The latest version of BloodHound introduces BloodHound OpenGraph. This new feature allows for ingestion of any...
specterops.io
September 19, 2025 at 7:07 PM
If you found the above cool, then check out @sadprocessor.bsky.social's much more comprehensive OpenGraph × Star Wars demo.
specterops.io/blog/2025/09...
specterops.io/blog/2025/09...
Cool! Is there a way to enum Symantec assets via LPDAP? E.g. does the server/service acc have a specific SPN?
June 16, 2025 at 8:41 AM
Cool! Is there a way to enum Symantec assets via LPDAP? E.g. does the server/service acc have a specific SPN?
The blog post: specterops.io/blog/2025/05...
Understanding & Mitigating BadSuccessor - SpecterOps
Understanding the impact of the BadSuccessor AD attack primitive and mitigating the abuse via targeted Deny ACEs on Organizational Units.
specterops.io
June 3, 2025 at 10:06 AM
The blog post: specterops.io/blog/2025/05...
Butthole*... Excellent typo
February 7, 2025 at 10:58 AM
Butthole*... Excellent typo
Other than securing DNS, what could prevent this technique?
Require SMB client signing? Some Kerberos hardening setting? Or only tiering (eg. Auth. Policy Silo)?
Require SMB client signing? Some Kerberos hardening setting? Or only tiering (eg. Auth. Policy Silo)?
November 25, 2024 at 8:33 PM
Other than securing DNS, what could prevent this technique?
Require SMB client signing? Some Kerberos hardening setting? Or only tiering (eg. Auth. Policy Silo)?
Require SMB client signing? Some Kerberos hardening setting? Or only tiering (eg. Auth. Policy Silo)?
Windows ships with insecure defaults for network shares, granting Read access to Everyone. But you can change that with "SrvsvcDefaultShareInfo" in the registry.
I made a post about it: blog.improsec.com/tech-blog/ne...
I made a post about it: blog.improsec.com/tech-blog/ne...
November 15, 2024 at 8:49 AM
Windows ships with insecure defaults for network shares, granting Read access to Everyone. But you can change that with "SrvsvcDefaultShareInfo" in the registry.
I made a post about it: blog.improsec.com/tech-blog/ne...
I made a post about it: blog.improsec.com/tech-blog/ne...