Manually Parse Bloodhound Data with JQ to Create Lists of Potentially Vulnerable Users and Computers
00:00 - Intro talking about why we want to parse Bloodhound Data with JQ to create lists
00:43 - Just examining the data in Bloodhound
01:28 - Writing a Cipher Query to show all enabled users in Bloodhound
02:35 - Showing Bloodhound Debug Mode which will show Cipher Queries when you run them
03:28 - Start of looking at Bloodhound Data
04:25 - Digging through the JSON Structure with JQ to get to the Properties of a User
06:30 - Showing all the names, if we wanted to remove the quotes, we could use the -r flag for raw
06:50 - Using the Select Query in JQ to show only enabled/disabled users
07:45 - Outputting multiple fields in JQ so we can show usernames + descriptions
08:20 - Using JQ to filter out descriptions with null to only show AD Accounts with a description
09:30 - Talking about LastLogon and LastLogonTimeStamp
10:45 - Converting integers to string in JQ so we can output them
12:00 - Outputting all accounts where a PwdLastSet is Greater than the users last logon
14:10 - Using JQ to filter out empty array's which lets use find all accounts that are kerberoastable
14:50 - Using JQ to parse the computers and showing operating systems
15:50 - Filtering out Operating Systems which may help us find end of life OS's
16:30 - Using JQ to show each computers last logon which will let us view all active computers
Смотрите видео Manually Parse Bloodhound Data with JQ to Create Lists of Potentially Vulnerable Users and Computers онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь IppSec 01 Май 2022, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 13,777 раз и оно понравилось 416 людям.