BloodHound, available at bloodhound.readthedocs.io, maps Windows Active Directory permissions to a graph database that lets users trace attack paths using a GUI and a query system. To make that more concrete, BloodHound can answer questions such as:
- Who is allowed to RDP to Computer132?
- Which computers does JohnSmith have admin access to?
- What are all the users with effective Domain Administrator access?
- How can an attacker escalate privileges on the network?
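
To show why these questions need a graph rather than a flat permissions list, here is an added example (not from the original post and not BloodHound's own code) that answers three of them over a small constructed graph in Python. The edge names mirror BloodHound's MemberOf, AdminTo and CanRDP relationships; every node except Computer132 and JohnSmith is made up, and "effective" access is narrowed here to nested group membership.

```python
from collections import deque

# Constructed sample graph: (source, edge type, target). Only Computer132 and
# JohnSmith come from the questions above; all other nodes are made up.
EDGES = [
    ("JohnSmith", "MemberOf", "Helpdesk"),
    ("Helpdesk", "MemberOf", "ServerAdmins"),
    ("ServerAdmins", "AdminTo", "Computer132"),
    ("Helpdesk", "CanRDP", "Computer207"),
    ("AliceJones", "CanRDP", "Computer132"),
    ("SvcBackup", "MemberOf", "BackupOps"),
    ("BackupOps", "MemberOf", "Domain Admins"),
    ("BobLee", "MemberOf", "Domain Admins"),
]
USERS = {"JohnSmith", "AliceJones", "SvcBackup", "BobLee"}


def groups_of(principal):
    """Return the principal plus every group reached through nested MemberOf."""
    seen, queue = {principal}, deque([principal])
    while queue:
        node = queue.popleft()
        for src, kind, dst in EDGES:
            if src == node and kind == "MemberOf" and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


def targets(principal, right):
    """Objects the principal holds `right` on, directly or through its groups."""
    held_by = groups_of(principal)
    return {dst for src, kind, dst in EDGES if kind == right and src in held_by}


def who_can(right, target):
    """Users that hold `right` on `target`, directly or through nested groups."""
    return {user for user in USERS if target in targets(user, right)}


def effective_members(group):
    """Users whose nested group membership reaches `group`."""
    return {user for user in USERS if group in groups_of(user)}


if __name__ == "__main__":
    print("RDP to Computer132:", sorted(who_can("CanRDP", "Computer132")))
    print("JohnSmith admin on:", sorted(targets("JohnSmith", "AdminTo")))
    print("Effective Domain Admins:", sorted(effective_members("Domain Admins")))
```

JohnSmith has no direct AdminTo edge in this sample; the admin right on Computer132 only appears after following two levels of group nesting, which is the kind of inherited access an audit of direct assignments misses.
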
Throughout this post, I will share specific recommendations for what to look for in BloodHound to find quick wins when securing a network…