THREATOPS
THREAT OPSThreat News › Introducing TailscaleHound: Mapping Tailscale Attack Paths in BloodHound

Introducing TailscaleHound: Mapping Tailscale Attack Paths in BloodHound

lowspecteropsPublished 2026-05-21

<p class="wp-block-paragraph"><em><strong>TL;DR</strong>: TailscaleHound is an <a href="https://specterops.io/opengraph/">OpenGraph</a> collector for BloodHound that maps Tailscale users, devices, groups, tags, ACLs, grants, SSH rules, routes, app connectors, services, keys, invites, webhooks, and hybrid Azure identity relationships. The result is a graph that helps answer practical questions like

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://specterops.io/blog/2026/05/21/tailscalehound/