 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: BloodHound| Names | BloodHound | |
| Category | Tools | |
| Type | Reconnaissance | |
| Description | (PenTestPartners) BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors which come in PowerShell and C# flavours. It can be used on engagements to identify different attack paths in Active Directory (AD), this encompasses access control lists (ACLs), users, groups, trust relationships and unique AD objects. The tool can be leveraged by both blue and red teams to find different paths to targets. The subsections below explain the different and how to properly utilize the different ingestors. | |
| Information | <https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/> <https://github.com/BloodHoundAD/BloodHound> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0521/> | |
Last change to this tool card: 30 December 2022
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 20, Violin Panda |  | 2014-2017 | |||
| APT 29, Cozy Bear, The Dukes |  | 2008-Jan 2024  |  | ||
| Stone Panda, APT 10, menuPass | | 2006-Feb 2022 | | ||
| TA2101, Maze Team | [Unknown] | 2019-Feb 2024 | | ||
| Traveling Spider | [Unknown] | 2019-Mar 2021 | |||
| UNC2447 | [Unknown] | 2020 | |||
| Wizard Spider, Gold Blackburn | | 2014-Dec 2023 | | ||
7 groups listed (7 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |