Part 3 - Domain Enumeration with Bloodhound
Tujuan
- Post compromise enumeration
Prasyarat
- Memiliki kredensial user domain
Tools
Enumerasi AD dengan Bloodhound
Remote BloodHound
Python BloodHound Repository atau install pip3 install bloodhound.
1
2
# remote
➜ bloodhound-python -u <user> -p <password> -ns <DC Ip> -d <Domain> -c All
On Site BloodHound
1
2
3
4
5
6
7
8
# exe binary
PS> .\SharpHound.exe -c All
PS> .\SharpHound.exe -c All --ldapusername <user> --ldappassword <password> --domain <domain>
# powershell
PS> . .\SharpHound.ps1
PS> Invoke-BloodHound -CollectionMethod All
PS> Invoke-BloodHound -CollectionMethod All -LdapUser <user> -LdapPass <password> -domain <domain>
Artikel Tips Membaca Bloodhound
This post is licensed under CC BY 4.0 by the author.