all InfoSec news
BOFHound: Session Integration
Security Boulevard securityboulevard.com
Background
If you’ve found yourself on a red team assessment without SharpHound (maybe due to OPSEC or stealth requirements), you’d probably agree that mapping Active Directory is significantly more difficult. Tying down nested group memberships and trying to map ACL-based attack paths can become exceedingly complex outside of BloodHound’s user interface and its Cypher queries. In early 2022, Adam Brown and I released BOFHound (now being maintained in a fork) as one approach to address these difficulties. Despite the …
acl active directory assessment attack attack paths bloodhound can cypher directory down found integration interface map mapping nested opsec red team red team assessment requirements session stealth team user interface