Using Bloodhound as a Defender: Tips from the Red Team

Learn how to leverage BloodHound from a defensive perspective in this 35-minute conference talk from BSidesCharm 2024. Discover why critical Active Directory permission issues and misconfigurations often remain undetected by traditional security tools for extended periods. Explore the newly released ad-recon tool that rapidly analyzes BloodHound data through Neo4j cypher queries to identify security vulnerabilities. Master the interpretation of query results, understand their implications for attackers, and implement effective defensive measures. Gain hands-on knowledge of customizing queries for various platforms including Neo4j interface, Cypher-Shell, and BloodHound GUI. Presented by Andrew McNicol, BreakPoint Labs CTO with 13 years of offensive security assessment experience, bringing valuable insights from both red team and penetration testing perspectives across DoD, Federal, Law Enforcement, and commercial sectors.