Hacking with Bloodhound: Map Your Environment
Вставка
- Опубліковано 8 лис 2023
- jh.live/bloodhound || Map Attack Paths in Active Directory and Azure with the FREE and open-source BloodHound Community Edition, or defend your environment with Bloodhound Enterprise! jh.live/bloodhound
Free Cybersecurity Education and Ethical Hacking
🔥UA-cam ALGORITHM ➡ Like, Comment, & Subscribe!
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
One feature they missed in the CE edition is “mark user as owned” it’s super beneficial to find attack paths as well 😢
This is coming very soon!
It is available now, just tested it
And BHE marketing campaign should be: let defenders think in graphs too :) really cool
Hi brother. Wanted to thank you,6 months ago i discovered this world thanks to your chanel. I just love it and since then i learn everyday. Props, take care of you and keep going with the good stuff!
What things did you learn??
@@djnikx1 pentest, playing ctf's etc.
Great content. Used Bloodhound in the past. But the upgrades look awesome!
Amazing content John! Thank you very much for sharing.
Thank you so much John for this! So much learnt and I use this tool myself now to a higher degree
Sick! Thanks for the tool upgrade!
The most useful video I have seen in many months! INCREDIBLE
This is great content that taught me something!
Also, PowerShell rules.
The problem is collection method where sharphound is not gonna cut it, cos its super loud out of the box. One has to query AD parse and structure data to even think about using bloodhound
You guys are fire right now.💥🤯
I got a ton of pushback about using this in prod on a blue team. I dont think its justified after talking to my offensive friends. There needs to be more awareness about this being okay to use bc somehow im the only one on my team that didnt believe it would destroy our AD environment.
I'd say they are ganging up on you knowing they would need to give a chunk of their work done by BH. If one is literate and knows how to read I don't see how he would mess up AD?
@@VJ-lu2he I think half the team didn't know what it even was and one guy who definitely knew better fear mongered it and everyone freaked out lol. But you may be on to something with the one guy who fear mongered bc he does a lot of AD type stuff.
IMO there's no reason for any pushback by a blue team.
Either they're scared of security flaws being uncovered that they've configured unknowingly or they simply don't understand its usage to a full extent
I work in the field and its more than likely because it will fire alerts when seen as a file. So most ignorant people think its some kind of malware... which they just need to know its firing an alert simply based off a name or hash "bloodhound.exe" or some itteration and that's it! Not because its malware, but they don't know that as they are ignorant. Bloodhound simply uses netsessionenum command to ask questions not change shit.
Ladies and gentleman ,skiddies and trolls ...give it to our leader....skid army ..........."JHammond"....i love your content bro...all the way from Botswana
Nah, I think NetworkChuck and David Bombal contribute WAAAAAYYYY more to the *skiddie army.* At least John knows what he's doing and when he creates a video that's "too much" (i.e. his HoneyBadger video) he takes it down.
This is pretty mind blowing. Legit audit tool now.
❤ your videos are very important
Love this man loooooove this ❤
specterops is amazing!
Can somebody inexperienced use bloodhound on their own network, then learn how to protect against each vulnerability that pops up?
great work.
If AD traffic is encrypted, how does Bloodhound develop graphical Attack Paths?
Does it actively query devices, sniff traffic and log it all into the path map?
All you can really say is... WOW!
is there a way to mark users as owned and find paths based off of that user, like that was in 'old' bloodhound?
it's coming very soon
@@JustinKohler10 if i could heart your comment i would
Thank you.
I apologies I’m still a script kitten 😅 currently building my own educational testing environment. This would be good to learn fundamentals of attack? Or am I wrong in that case
You are absolutely right. Your educational testing environment (either home developed or there are a lot of training options available for fair prices) should incorporate AD and BloodHound is the first step in understanding the connections and how you can abuse them.
Next ? Sn1per ? 😂
Informative video 🔥👏
I will watch it till the end
Is there something similar that not only shows you your network’s vulnerabilities but can also tell you what/how to secure?
That's BloodHound Enterprise
@@JustinKohler10 thanks
The dude at the bottom has the "Rami Malek" eye movements and i cant stop relating
lol this is me and so true
> Powershell
> Best language
You can only pick one.
I said what I said :p
@@robbinsandy110% dis is da way
for some reason can't find the wiz video, anyone know if its still up?
every time i drag and drop my sharphound outputs, it doesn't go to the database instead it simply gets downloaded back. am i doing it wrong? do i have to upload files via manual ingest?
You need to click the file upload modal before you drag your file over. Let me know if you still have issues
😊Another gem
So even before starting an AD pentest,it's better to run bloodhound just to know your path that you should take..
yuuuup
30:27 My only criticism in this industry is that professionals seem 2 terms to've keyed. "Standing on the shoulders of giants" and "_ " _ ALL the _". independent they're a very rich history artifacts. Combined its like "HOW DO I DO ALL THE THINGS FROM THIS GIANTS SHOULDER"
Running to go download
BloodCat is coming...
Early crew. :3
feels good to hear john natural and not scripty. love your work man, but lately it feels robotic and hypee.
I agree 100%. I can't remember the last time John did a completely unsponsored video, I do miss those days. I do understand the "business" of his YT channel and now that he's fast approaching 1 million subs he's getting more sponsored opportunities and if he's going to be creating vids at 1am he mine-as-well make as much money as possible from them. I will forever appreciate John's giving back to (and building) the community, both on the blue and red team sides of the house. But yes, I think the unsponsored 40 min deep dive/analysis of malware using open-source tools and processes videos are long gone. Good for John on his newfound success, it's long overdue.
How noisy is this to CrowdStrike and Huntress?
curious about this too, will Crowdstrike notice it?
MS Defender for endpoint edr/xdr does detect it, i think crowdstrike would too
BloodHound's default enumeration has been fingerprinted by most EDR/AV products. You can get around this in a couple ways depending on the product and it's always a bit of a cat and mouse game. If you're running it internally at your organization for blue-team purposes, allow-listing is your best bet to capturing the required data @@gamerscodex5454
I guess I'm not as smart. What terminal do I open to install the yml file?
i hate docker, please do things with opensource software. Docker uses political language to say they are opensource. but they are not. please forgo proprietary bs.
We do want to move to podman in the future
Love me some ps
I will translate your video into another language and upload it on UA-cam. I will not give you any commission but I will give you 50% of it.
how to hack other public ip address only i have that error can you help me😊😊
Script kiddie. A youtube comment section isn't the right place for this
true@@thedarkdiamond1207
clown
@@thedarkdiamond1207so where to get in the hacking community? Stopped hacking since WPAs were announced uncrackable
@@thedarkdiamond1207 can you help me
Free Palestine ❤
It is free take 💪🏾😈.
Regardless of your religious beliefs or political views was it ok for hamas to come in and attack hundreds if not thousands of people that day. Killing and injuring innocent people having a good time and minding there own business. Iives are lives. We all come from the same source no matter what you call the so called God it's the same being. There is no my God is better than your God it's the same entity. So free all people. It's like black lives matter. No black lives don't matter. All lives matter. Period.
And plus it's absolutely ridiculous your saying free Palestine in this channel. When this channel is a technical channel. So go elsewhere for that crap.