TTPwire Vol. 1 · MITRE ATT&CK·Tagged


Black Hills InfoSec

A Practical Guide to BloodHound Data Collection

BHIS · 6 days ago

ATT&CK techniques detected

6 predictions
T1588.002 Tool
88%
“live/nbhec3rdzwy tools - https://github.com/plumhound/plumhound - https://bloodhound.specterops.io/home - https://github.com/coffeegist/bofhound/ - https://github.com/c3c/adexplorersnapshot - https://learn.microsoft.com/en-us/sysi…”
T1087.002 Domain Account
78%
“and connect to the domain to which the computer is joined. once connected to the ad database, you can export ad data by selecting the “save” floppy disk icon and creating a snapshot of the domain. the snapshot will be stored in a .dat file. this .dat file can be converted into …”
T1482 Domain Trust Discovery
60%
“a practical guide to bloodhound data collection a practical guide to bloodhound data collection bloodhound is a tool used to enumerate active directory (ad) information. it is commonly employed to identify vulnerable configurations and attack paths in active directory. bloodhou…”
T1087.002 Domain Account
57%
“default tasks. you can click on each individual report’s “details” to obtain more information. you can also filter by certain values in the columns. for example, you can filter for “enabled” accounts. in addition, plumhound includes the cypher queries used to generate the r…”
T1087.002 Domain Account
49%
“a practical guide to bloodhound data collection a practical guide to bloodhound data collection bloodhound is a tool used to enumerate active directory (ad) information. it is commonly employed to identify vulnerable configurations and attack paths in active directory. bloodhou…”
T1087.002 Domain Account
39%
“. for example, you can list all domain admins. there are also built-in escalation path queries, such as built-in queries for active directory certificate services (adcs) privilege escalation techniques. the screenshot below shows a privilege escalation path using esc1 for t…”

Summary

This blog will not dive too deeply into BloodHound itself; instead, we will focus on various methods of collecting AD data to provide to BloodHound as input.

The post A Practical Guide to BloodHound Data Collection appeared first on Black Hills Information Security, Inc.