Detecting AD Enumeration with BloodHound | Threat SnapShot
- Published 6 Oct 2024
- In this Threat SnapShot, we're digging into BloodHound, an Active Directory enumeration tool that uses graph theory to identify misconfigurations and find complex attack paths. BloodHound is used by defenders and attackers alike. We'll look at some of the forensic artifacts left behind when running BloodHound, and discuss threat hunting and detection strategies using endpoint, network, and Windows audit trail events.
Resources:
bloodhound.rea...
github.com/Blo...
bloodhoundente...
/ 1059841882086232065
/ detecting-ldap-enumera...
app.snapattack... - Collection: BloodHound
app.snapattack... - Threat: BloodHound with Decoy Tokens
app.snapattack... - Detection: Bloodhound and Sharphound Hack Tool
app.snapattack... - Detection: BloodHound Collection Files
app.snapattack... - Detection: Unusually Large LDAP Query
app.snapattack... - Detection: AD User Enumeration
app.snapattack... - Detection: Suspicious Domain Object Access
I really liked this demo. I'm going to subscribe. Keep pumping out the content.
Do you have a community edition of SnapAttack?