GUI/Graph Queries Find All edges any owned user has on a computer MATCH p=shortestPath((m:User)-[r]->(b:Computer)) WHERE m.owned RETURN p Find All Users with an SPN/Find all

GUI/Graph Queries Find All edges any owned user has on a computer MATCH p=shortestPath((m:User)-[r]->(b:Computer)) WHERE m.owned RETURN p Find All Users with an SPN/Find all
Lateral movement is the process of moving from one compromised host to another. Penetration testers and red teamers alike commonly used to accomplish this by executing powershell.exe to run a base64 encoded command on the remote host, which would return a beacon. The problem with this is that offensive PowerShell is not a new concept […]
List of Cypher queries to help analyze AzureHound data. Queries under ‘GUI’ are intended for the BloodHound GUI (Settings>Query Debug Mode). Queries under ‘Console’ are
I was recently on an engagement where we phished in and ran into UAC which gave me more trouble than I expected. When a user
Kerberos is the preferred way of authentication in a Windows domain, with NTLM being the alternative. Kerberos authentication is a very complex topic that can
Over the past decade, Azure’s presence in businesses has grown significantly as new features and support were added to Azure. The purpose of this article