Manually Enumerating AD Attack Paths with BOFHound - Matt Creel & Adam Brown [SO-CON 2024]
Вставка
- Опубліковано 5 вер 2024
- Red team operators are often faced with the conundrum of running SharpHound and risking detection, or fighting the uphill battle of mapping Active Directory attack paths without BloodHound’s aid. In this talk, we’ll examine a workflow that grants operators granular control over the speed and depth of Active Directory enumeration, while still leveraging the power of BloodHound’s relationship mapping and Cypher queries. The discussion will also cover common SharpHound detection strategies and how to account for them when approximating a SharpHound data collection.
![Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]](http://i.ytimg.com/vi/nvaOszFzXCQ/mqdefault.jpg)
![Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]](/img/tr.png)
![Domain Persistence: Detection, Triage, and Recovery - Josh Prager & Nico Shyne [SO-CON 2024]](http://i.ytimg.com/vi/1DseeBdRU3U/mqdefault.jpg)
![LSA Whisperer - Evan McBroom [SO-CON 2024]](http://i.ytimg.com/vi/G73inzfLU9A/mqdefault.jpg)
![The BloodHound Enterprise State of Attack Path Management - Justin Kohler [SO-CON 2024]](/img/n.gif)