How To Enumerate Active Directory with BloodHound -- (Without Being Overwhelmed!)
Вставка
- Опубліковано 25 лис 2024
- BloodHound leverages graph theory to uncover hidden and often unintended relationships within Active Directory, Entra, and Azure environments. Attackers use BloodHound to quickly identify complex attack paths that would otherwise be difficult to detect, while defenders can utilize it to pinpoint and eliminate those same vulnerabilities.
In this video, I provide a detailed overview of the following:
Installing BloodHound
Using Python to get the "loot" from the target.
Analyzing attack paths in BloodHound.
I also share a custom script to help with getting the information from the target system.
Enjoy!
Script: github.com/Ten...
----------
This content is intended for educational purposes only. All demonstrations and techniques shown are designed to teach ethical hacking and improve cybersecurity. Any use of the information provided in these videos is done at your own risk and should be used responsibly. Unauthorized hacking, illegal activities, or violations of privacy are not endorsed or encouraged. Always ensure you have proper authorization before attempting any security testing or hacking. - Наука та технологія
amazin video and very useful for certifications like PNPT and CPTS
The best video on how to use bloodhound easily. Thanks man for sharing this content with us!
great video, waiting to get to the win-rm module in htb academy!
Nice video, think about showing how to use more complex bloodhound queries, And one problem in the comunity edition is if you ended your testing on this domain and now want to upload new data from other domain you cant remove that data that already exists and you have to delete the docker container and install it again every time, thats really anoying
Yeah, that's true
* For Bash compatible shells: `docker volume rm $(docker volume ls -q | grep neo4j-data)`
* For PowerShell: `docker volume rm @(docker volume ls -q | Select-String neo4j-data)`
this is amazing thanks dude .......!!!!
Great video again.
How can you run the script to collect if you are in a different IP range?
Hope you can answer my question.
@TylerRamsbey Hope you can answer my question. Or put it in a new video :D I watch them all
I still use the old version (old school) start the neo4j then run the bloodhound do you recommend the new one over old version what are your thoughts on this
Hey, thanks for the content. Would it be possible to get a video with more in-depth focus on Bloodhound analysis ? Basically, if there is no obvious path from the compromised user to domain admins group, where to look for ? I suppose few Cypher queries are very useful. Which ones are you using, in practise ? Cheers
Yes, I'll plan for something in the near future :)
@@TylerRamsbey Great ! Thank you
@@TylerRamsbey How can you run the script to collect if you are in a different IP range?
your offensive security filess are not available
Tyler can you use this on the OSCP exam???
Yes, BloodHound is crucial for OSCP! It doesn't do any automated exploitation, which is the key. Use it and prosper!
OLd VErsion is legend ,new verion is very laggy
I personally haven't noticed any lag with the new version
True.. in windows
Update your PC configuration.
wow really informative .
is there a way to contact you?
Discord - hacksmarter.org