Hunting With Active Directory Replication Metadata

Published: 6/09/2017
Hunting With Active Directory Replication Metadata
Source: WWW.HARMJ0Y.NET

With the recent release of BloodHound’s ACL Attack Path Update as well as the work on Active Directory DACL backdooring by @_wald0 and myself (whitepaper here), I started to investigate ACL-based attack paths from a defensive perspective. Sean Metcalf has done some great work concerning Active Directory threat hunting (see his 2017 BSides Charm “Detecting the Elusive: Active Directory

Read more
Related news
Comment