Overview
Explore the advanced techniques of BloodHound and the Adversary Resilience Methodology in this 50-minute conference talk from WEareTROOPERS. Dive into Resource Based Constrained Delegation, UI improvements, and collector enhancements. Learn how BloodHound simplifies Group Policy Control audits, allowing for quick identification of non-Domain Administrators who can control GPOs affecting Domain Administrators. Examine least privilege violations from multiple perspectives and discover methods for finding systemic issues using tools like bloodhoundanalytics.pbix and bloodhoundanalytics.py. Gain insights into the percentage of users with a path to Domain Admin and understand why both attackers and defenders think in graphs when it comes to network security.
Syllabus
Intro
Resource Based Constrained Delegation
Ul Improvements
Collector Improvements
BloodHound Greatly Simplifies
Group Policy Control Audit at a Glance
Just tell me which non-DAs can control any GPO that applies to any DA and how
Least Privilege Violations: Two Perspectives
Result
Finding Systemic Issues
bloodhoundanalytics.pbix
Percentage of Users with a Path to DA
bloodhoundanalytics.py
Atteckere-DEFENDERS think in graphs
Taught by
WEareTROOPERS