PlumHound - Bloodhound for Blue and Purple Teams

  •        171

Released as Proof of Concept for Blue and Purple teams to more effectively use BloodHoundAD in continual security life-cycles by utilizing the BloodHoundAD pathfinding engine to identify Active Directory security vulnerabilities resulting from business operations, procedures, policies and legacy service operations. PlumHound operates by wrapping BloodHoundAD's powerhouse graphical Neo4J backend cypher queries into operations-consumable reports. Analyzing the output of PlumHound can steer security teams in identifying and hardening common Active Directory configuration vulnerabilities and oversights.

https://github.com/PlumHound/PlumHound

Related Projects

AD-control-paths - Active Directory Control Paths auditing and graphing tools

  •    C

Control paths in Active Directory are an aggregation of "control relations" between entities of the domain (users, computers, groups, GPO, containers, etc.) which can be visualized as graphs (such as above) and whose purpose is to answer questions like "Who can get 'Domain Admins' privileges?" or "What resources can a user control?" and even "Who can read the CEO's emails?". New workflow for all steps, automating neo4j setup and import.

ad-ldap-enum - An LDAP based Active Directory user and group enumeration tool

  •    Python

ad-ldap-enum is a Python script that was developed to discover users and their group memberships from Active Directory. In large Active Directory environments, tools such as NBTEnum were not performing fast enough. By executing LDAP queries against a domain controller, ad-ldap-enum is able to target specific Active Directory attributes and build out group membership quickly. ad-ldap-enum outputs three tab delimited files 'Domain Group Membership.tsv', 'Extended Domain User Information.tsv', and 'Extended Domain Computer Information.tsv'. The first file contains users, computers, groups, and their memberships. The second file contains users and extra information about the users from Active Directory (e.g. a user's home folder or email address). The third file contains devices in the Domain Computers group and extra information about them from Active Directory (e.g. operating system type and service pack version).

LINQ to Active Directory

  •    LINQ

LINQ to Active Directory implements a custom LINQ query provider that allows querying objects in Active Directory. Internally, queries are translated into LDAP filters which are sent to the server using the System.DirectoryServices .NET Framework library.

LogonTracer - Investigate malicious Windows logon by visualizing and analyzing Windows event log

  •    Python

LogonTracer is a tool to investigate malicious logons by visualizing and analyzing Windows Active Directory event logs. This tool associates a host name (or an IP address) and account name found in logon-related events and displays them as a graph. This way, it is possible to see on which account a login attempt occurs and which host is used. This tool can visualize the following event IDs related to Windows logon based on this research. LogonTracer uses PageRank, a Hidden Markov model and ChangeFinder to detect malicious hosts and accounts from the event log. With LogonTracer, it is also possible to display event logs in chronological order.

ad - Making Active Directory jQuery-easy

  •    Javascript

Making Active Directory jQuery-easy. AD is a JavaScript implementation of common Active Directory tasks, built to be as simple as possible.


usethis - Set up commonly used 📦 components

  •    R

usethis is a workflow package: it automates repetitive tasks that arise during project setup and development, both for R packages and non-package projects. Most use_*() functions operate on the active project: literally, a directory on your computer. If you’ve just used usethis to create a new package or project, that will be the active project. Otherwise, usethis verifies that the current working directory is or is below a valid project directory and that becomes the active project. Use proj_get() or proj_sitrep() to manually query the project and read more in the docs.

passport-azure-ad - Azure Active Directory Authentication Strategies using Node and Passportjs

  •    Javascript

passport-azure-ad is a collection of Passport Strategies to help you integrate with Azure Active Directory. It includes OpenID Connect, WS-Federation, and SAML-P authentication and authorization. These providers let you integrate your Node app with Microsoft Azure AD so you can use its many features, including web single sign-on (WebSSO), Endpoint Protection with OAuth, and JWT token issuance and validation. passport-azure-ad has been tested to work with both Microsoft Azure Active Directory and with Microsoft Active Directory Federation Services.

BloodHound - Six Degrees of Domain Admin

  •    PowerShell

Pre-Compiled BloodHound binaries can be found here. The rolling release will always be updated to the most recent source. Tagged releases are considered "stable" but will likely not have new features or fixes.

User Membership and Profile Management using Active Directory and Asp.net webApp

  •    ASPNET

This is a demo application showing how to implement Active Directory authentication, user management, Active Directory membership and profile management.

Import Photos into Active Directory


"Import Photos into Active Directory" is a simple command-line project designed to import a collection of photos from a folder into Active Directory. This imports images in a form viewable from Outlook 2010.

Active Directory Utils


A collection of utilities and sample code for administering Active Directory. All code is in C#.

Pyad - Python Active Directory Interface

  •    Python

A general Python library that allows easy object-oriented interfacing with the Windows Active Directory through ADSI (Active Directory Scripting Interface).

icebreaker - Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

  •    PowerShell

Break the ice with that cute Active Directory environment over there. When you're cold and alone staring in at an Active Directory party but don't possess even a single AD credential to join the fun, this tool's for you. Sequentially automates 5 internal network attacks against Active Directory to deliver you plaintext credentials. Use the --auto option to automatically acquire domain admin privileges after gaining a foothold.

neo4j-graphql - GraphQL bindings for Neo4j, generates and runs Cypher

  •    Kotlin

This readme assumes you are somewhat familiar with GraphQL and minimally with Cypher. Based on your GraphQL schema, it translates GraphQL Queries and Mutations into Cypher statements and executes them on Neo4j.

AD Support Tools


Active Directory (AD) Support Tools is a front-end to some common functions and queries that an IT or desktop support person uses, such as managing the user accounts and computers in their assigned OU. Source code in VB.net/DotNet 2.0.

Craig's Utility Library

  •    CSharp

Craig's Utility Library contains various utility classes used in both web and desktop programming. The library contains classes to handle tasks such as encryption, compression, Microformats, serialization, dealing with Exchange, Active Directory, Twitter, Netflix, threads, etc.

ADUaCET

  •    CSharp

ADUaCET (Active Directory User and Computer Employee Tab) enables a new property page tab for users in Active Directory User and Computer MMC snap-in. You can set the image and employee number of users. Both values are stored in Active Directory.

Active Directory Browser

  •    Delphi

Active Directory Browser (AD Browser) is a remote browser tool for viewing, managing and personalizing Microsoft Server Active Directory user accounts. AD Browser can also be used as a LAN chat application within an enterprise (company).

BeaverTail v2


The BeaverTail v2 Active Directory Browser allows you to inspect and get to know your Active Directory, and learn something about Active Directory programming at the same time.
