Infosec Journal - Issue #1

Infosec Journal Crew
This newsletter is an effort to help organizations make better decisions about security-related topics through distilling the snake-oil, advertising, and self interest into actionable data. - BloodHound
Red Side
This repository allows you to take an AD Explorer snapshot and ingest it into BloodHound. That way you can use a Microsoft signed binary to get most of the data you would need for a BloodHound review.
GitHub - c3c/ is an AD Explorer snapshot ingestor for BloodHound.
Blue Side
If you want to know why this is important or how this tool has been used in the past go check out the BHIS blog post:
Domain Goodness - How I Learned to LOVE AD Explorer - Black Hills Information Security
But what you are going to want to look for on your network is: adexplorer.exe -snapshot "" mysnap.dat or something similar.
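One way to run that check over process-creation records, as an added example that is not part of the original newsletter. The record layout (image path plus command line), the sample records, the `ADExplorer64.exe` image name, the `/snapshot` spelling and the renamed-binary heuristic are assumptions.

```python
import re
import shlex

# Default AD Explorer image names (assumption: binaries not renamed by the operator).
ADEXPLORER_NAMES = {"adexplorer.exe", "adexplorer64.exe"}
# The page shows "-snapshot"; accepting "/snapshot" too is an assumption.
SNAPSHOT_FLAG = re.compile(r"^[-/]snapshot$", re.IGNORECASE)


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def split_cmdline(cmdline):
    """Tokenise a command line, keeping empty quoted arguments such as ""."""
    cmdline = cmdline.replace("\u201c", '"').replace("\u201d", '"')
    try:
        tokens = shlex.split(cmdline, posix=False)
    except ValueError:  # unbalanced quotes: fall back to a plain split
        tokens = cmdline.split()
    return [t.strip('"') for t in tokens]


def classify(image, cmdline):
    """Return a verdict string for one process-creation record, or None."""
    tokens = split_cmdline(cmdline)
    idx = next((i for i, t in enumerate(tokens) if SNAPSHOT_FLAG.match(t)), None)
    if idx is None:
        return None
    names = {basename(image), basename(tokens[0])}
    if names & ADEXPLORER_NAMES:
        return "adexplorer-snapshot"
    # Renamed binary heuristic: flag followed by <server or ""> and <output file>.
    if len(tokens) >= idx + 3:
        return "snapshot-args-unknown-binary"
    return None


# Constructed sample records (image path, command line); not real telemetry.
SAMPLES = [
    (r"C:\Users\Public\ADExplorer.exe", 'adexplorer.exe -snapshot "" mysnap.dat'),
    (r"C:\Tools\ADExplorer64.exe", r'"C:\Tools\ADExplorer64.exe" -accepteula -snapshot "" C:\Temp\out.dat'),
    (r"C:\Temp\svc.exe", r"svc.exe -SNAPSHOT dc01.example.test C:\Temp\a.dat"),
    (r"C:\Tools\ADExplorer.exe", "ADExplorer.exe"),
    (r"C:\Windows\System32\notepad.exe", "notepad.exe snapshot-notes.txt"),
]

if __name__ == "__main__":
    for image, cmdline in SAMPLES:
        print(f"{classify(image, cmdline)!s:30} {cmdline}")
```

The second verdict is lower confidence and is meant for triage rather than alerting, since other tools may take a flag of the same name.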
And if you don’t know what BloodHound is, I would highly recommend you check out the documentation below, but basically it’s a vulnerability scanner for Active Directory. Where normal vulnerability scanners find exploits and bugs in software, BloodHound identifies attack paths for your specific configurations of Active Directory.
It does take a pretty decent knowledge of Active Directory to understand those attack paths; that’s the part where it’s open source. They do have an enterprise version:
Attack Paths are a big difficult complex serious problem.
I would also recommend checking out PingCastle which does similar work:
Home - PingCastle
I am not sponsored or paid by any company; these are just recommendations from a pentester who is tired of breaking into Active Directory the same ways each time.
Infosec Journal Crew @mubix

Here we take the news, knowledge, and experiences, grind it up into actual useable bits, and share it out to you. What you do with it, well that's up to you.