bofhound
GoodHound
bofhound | GoodHound | |
---|---|---|
1 | 2 | |
285 | 438 | |
-0.7% | - | |
2.4 | 0.0 | |
4 months ago | about 2 years ago | |
Python | Python | |
BSD 4-Clause "Original" or "Old" License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bofhound
-
Dealing with large BloodHound datasets
Tool Language Url Notes SharpHound .NET 4 executable https://github.com/BloodHoundAD/SharpHound/ Also possible to be executed in-memory using Cobalt Strike, check @william_knows’ blog post AzureHound PowerShell https://github.com/BloodHoundAD/AzureHound/ Specifically for Azure environments, outside of the scope of this article SharpHound.ps1 PowerShell https://github.com/BloodHoundAD/BloodHound/ Available from the Collectors folder. Using PowerShell reflectively loads the embedded SharpHound.exe .NET executable. It exposes the Invoke-BloodHound function which calls the main function of the SharpHound binary. SharpHound.py Python https://github.com/fox-it/BloodHound.py/ Python version of SharpHound ADExplorerSnapshot.py Python https://github.com/c3c/ADExplorerSnapshot.py/ Convert Sysinternals ADExplorer snapshots to BloodHound-compatible JSON files. BOFHound Python https://github.com/fortalice/bofhound/ Generate BloodHound compatible JSON from logs written by ldapsearch BOF and pyldapsearch.
GoodHound
-
Dealing with large BloodHound datasets
Name Description Url BloodHound BloodHound GUI https://github.com/BloodHoundAD/BloodHound/ PlumHound Generate a report with actions to resolve the security flaws in the Active Directory configuration https://github.com/DefensiveOrigins/PlumHound/ GoodHound GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. https://github.com/idnahacks/GoodHound/ BlueHound Tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network. https://github.com/zeronetworks/BlueHound/
- GoodHound - Using Bloodhound as a defender - prioritise which attack paths to fix first.
What are some alternatives?
SharpHound - C# Data Collector for BloodHound
Keylogger - Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
AzureHound - Azure Data Exporter for BloodHound
APT-Hunter - APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
UltimateAppLockerByPassList - The goal of this repository is to document the most common techniques to bypass AppLocker.
ansible-ad-inventory - Ansible Active Directory Inventory script
LOLBAS - Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
SlackPirate - Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
chophound - Some scripts to support with importing large datasets into BloodHound
sam-the-admin - Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
LOOBins - Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
PWF - Practical Windows Forensics Training