Post Compromise Enumeration

POWERVIEW

LogoPowerSploit/PowerView.ps1 at master · PowerShellMafia/PowerSploitGitHub

SharpHound

LogoBloodHound/SharpHound.ps1 at master · BloodHoundAD/BloodHoundGitHub
PS>
Import-Module C:\Enterprise-Share\sharphound.ps1
Invoke-BloodHound -CollectionMethod All

ie. a zip will be created that we can import in Bloodhound in below format:
20211217084021_BloodHound.zip

BLOODHOUND

LogoLinux — BloodHound 3.0.3 documentation
sudo apt-get install neo4j
sudo neo4j console

This would run the neo4j service. INFO Bolt enabled on localhost:7687 INFO Remote interface available at http://localhost:7474/

Default Credentials: neo4j/neo4j

If there is password error while logging in,

  1. Stop neo4j if its running

  2. edit /etc/neo4j/neo4j.conf, and uncomment dbms.security.auth_enabled=false

  3. connect to the database and run

    ALTER USER neo4j SET PASSWORD 'mynewpass'; :exit

  4. Stop neo4j

  5. comment out the dbms.security.auth_enabled=false

  6. start neo4j

apt install bloodhound

setup neo4j console and open it in browser to access. We can run invoke-bloodhound to collect data and import it in neo4j localhost to get idea about AD.

LogoBloodHound/SharpHound.ps1 at master · BloodHoundAD/BloodHoundGitHub
PreviousAttack VectorsNextPost Compromise Attacks

Last updated

Was this helpful?