1. X
  2. Andy Robbins
Log inSign up
Andy Robbins
5,446 posts
Image
user avatar
Andy Robbins
@_wald0
Co-founder of SpecterOps. Co-creator of BloodHound. bsky.app/profile/andyro…
Seattle, WA
wald0.com
Joined March 2011
1,531
Following
36K
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    Andy Robbins
    @_wald0
    Nov 27, 2024
    I'm on Bluesky here: bsky.app/profile/andyro…
    3.3K
  • user avatar
    Andy Robbins
    @_wald0
    Mar 28, 2024
    Living in the Seattle area, you can find very interesting articles of clothing at second hand stores. 11 years ago I found what I thought was the ultimate physical pentesting jacket
    Image
    140K
  • user avatar
    Andy Robbins
    @_wald0
    Aug 25, 2022
    How to prevent Kerberoasting: Kerberoasting is an incredibly powerful and reliable attack against Active Directory. In some situations it can result in an attacker becoming Domain Admin nearly instantaneously. Here's how to prevent this attack: 🧵
    Image
  • user avatar
    Andy Robbins
    @_wald0
    Sep 21, 2022
    For the past couple years I've been using diagrams like these, trying to simply explain complicated things. Today I'm releasing all of these under Creative Commons BY 4.0. You are free to use, adapt, and modify these for any purpose under CC BY 4.0: bit.ly/3BE4zbj
    Image
    Image
    Image
    Image
  • user avatar
    Andy Robbins
    @_wald0
    May 16, 2022
    If your entire enterprise security model crumbles because a user fell for a phish, that's not the user's fault.
  • user avatar
    Andy Robbins
    @_wald0
    Feb 25, 2022
    There has never been a better time than right now to get involved with Azure security research. Not convinced yet? Let's compare where we are with Azure versus where we are with on-prem AD: 🧵
  • user avatar
    Andy Robbins
    @_wald0
    Nov 20, 2020
    I'm proud to announce the release of #BloodHound 4.0: The Azure Update! Blog: posts.specterops.io/introducing-bl… BloodHound 4.0 Release Poster: redbubble.com/i/metal-print/… Get BloodHound: bit.ly/GetBloodHound Docs: bloodhound.readthedocs.io/en/latest/ Join the BloodHound Slack: bit.ly/BloodHoundSlack
    Image
    00:00
  • user avatar
    Andy Robbins
    @_wald0
    Aug 17, 2020
    Pivoting from Azure back down to on-prem AD opens up some very exciting attack path possibilities. In this post, I explain what Hybrid Azure Join is, target enumeration, and how to abuse Intune/Endpoint Manager to execute code as SYSTEM on target systems posts.specterops.io/death-from-abo…
    Image
  • user avatar
    Andy Robbins
    @_wald0
    Aug 6, 2022
    From initial access to Global Admin with #BloodHound and BARK. In this thread let's walk, step by step, through an example attack path based on real configurations we've seen in real environments:
  • user avatar
    Andy Robbins
    @_wald0
    Jan 31, 2019
    1/n - Here's how #BloodHound can help you determine whether you are vulnerable to PrivExchange by @_dirkjan: Find the domain head object in the BloodHound GUI, click the number next to "First Degree Controllers". See whether an Exchange security group is present:
    Image
  • user avatar
    Andy Robbins
    @_wald0
    Feb 11, 2020
    #BloodHound 3.0 is here! BloodHound: bit.ly/GetBloodHound Blog: bit.ly/3bu3chl Webinar deck: bit.ly/3837gTx Webinar recording coming soon #BloodHound 3.0 shirt: (all profits go to @MDAorg) customink.com/fundraising/th…
    Image
  • user avatar
    Andy Robbins
    @_wald0
    Apr 18, 2022
    Just when you thought you'd seen it all.
    Image
  • user avatar
    Andy Robbins
    @_wald0
    Apr 2, 2018
    #BloodHound 1.5 enables easy GPO enforcement analysis. Here's my write-up on how red teams can take advantage of this on their tests:
    Image
    A Red Teamer’s Guide to GPOs and OUs
    From specterops.io
  • user avatar
    Andy Robbins
    @_wald0
    Jul 25, 2019
    Question: How do I abuse a relationship that #BloodHound is showing me? Answer: Right click the edge and click "Help" for lots of useful info including abuse instructions, opsec considerations, and references.
    Image
    00:00
Advertisement
Advertisement