Ghost Spectre OS disables many security features by default. Applying this playbook to a machine connected to the internet—especially one handling sensitive data—exposes it to malware, ransomware, and remote exploits.
The basic Ghost Spectre Playbook works for general users. But advanced players have written addendums for specific scenarios. ghost spectre playbook
| Tactic | Technique ID | Procedure |
|--------|--------------|------------|
| Defense Evasion | T1055 | Process injection (e.g., into explorer.exe or svchost.exe) |
| Execution | T1106 | Native API calls (NtCreateThreadEx) to bypass user-mode hooks |
| Persistence | T1547 | Boot or logon autostart entry via Run keys (rarely used—prefers memory-only) |
| Discovery | T1016 | Network configuration enumeration without spawning cmd.exe |
| Collection | T1113 | Keylogging via SetWindowsHookEx |
| Command & Control | T1573 | Encrypted channels over HTTPS or DNS tunneling | Ghost Spectre OS disables many security features by default
Resonance Risk
Every time you use a Tier 3 or Ultimate ability, roll a d6. On a 1, you suffer “Resonance Bleed”: all humans within 50m feel a sudden dread chill. Any guard on alert gains +1 perception against you for 1 turn. But advanced players have written addendums for specific
No Corpse, No Crime
If you eliminate a target without being witnessed, you may spend 1 action to “erase their presence.” No blood, no body, no camera footage. They simply become a missing person.
Liminal State
You cannot be knocked unconscious or poisoned. However, EM pulses, salt circles, or blessed wards act as “solid terrain” to you.