Simple script to extract useful informations from the combo BloodHound + Neo4j

Related tags

Third-party APIs Wrappersbloodhound-quickwin
Overview

bloodhound-quickwin

Simple script to extract useful informations from the combo BloodHound + Neo4j. Can help to choose a target.

Prerequisites

  • python3
pip3 install py2neo
pip3 install pandas

Example

  • Use your favorite ingestor to gather ".json"
  • Start your neo4j console
  • Import "*.json" in bloodhounnd
  • Run ./bhqc.py

Usage

[email protected] $ ./bhqc.py -h
usage: bhqc.py [-h] [-b BOLT] [-u USERNAME] [-p PASSWORD]

Quick win for bloodhound + neo4j

optional arguments:
  -h, --help            show this help message and exit
  -b BOLT, --bolt BOLT  Neo4j bolt connexion (default: bolt://127.0.0.1:7687)
  -u USERNAME, --username USERNAME
                        Neo4j username (default : neo4j)
  -p PASSWORD, --password PASSWORD
                        Neo4j password (default : neo4j)

Output

[email protected] $ ./bhqw.py

###########################################################
[*] Enumerating all domains admins (rid:512|544) (recursive)
###########################################################

[+] Domain admins (group) 	: DOMAIN [email protected]
[+] Domain admins (group) 	: ENTERPRISE [email protected]
[+] Domain admins (group) 	: [email protected]
[+] Domain admins (enabled) 	: [email protected] [LASTLOG: < 1 year]
[+] Domain admins (enabled) 	: DIRECTOR.TREN[email protected] [SPN] [LASTLOG:  NEVER]
[+] Domain admins (enabled) 	: [email protected] [ASREP] [LASTLOG:  NEVER]

###########################################################
[*] Enumerating privileges SPN
###########################################################

[+] SPN DA (enabled) 	: [email protected]

###########################################################
[*] Enumerating privileges AS REP ROAST
###########################################################

[+] AS-Rep Roast DA (enabled) 	: [email protected]

###########################################################
[*] Enumerating all SPN
###########################################################

[+] SPN (enabled) 	: [email protected]
[+] SPN (enabled) 	: [email protected]
[+] SPN (enabled) 	: [email protected]
[+] SPN (enabled) 	: [email protected] [AdminCount]
[+] SPN (enabled) 	: [email protected]
[+] SPN (disabled) 	: [email protected] [AdminCount]

###########################################################
[*] Enumerating AS-REP ROSTING
###########################################################

[+] AS-Rep Roast (enabled) 	: [email protected]
[+] AS-Rep Roast (enabled) 	: [email protected] [AdminCount]

###########################################################
[*] Enumerating Unconstrained account
###########################################################

[+] Unconstrained user (enabled) 	: [email protected]

###########################################################
[*] Enumerating Constrained account
###########################################################

[+] Constrained user (enabled) 	: [email protected] ['snmp/dc1.FBC.LAB']

###########################################################
[*] Enumerating Unconstrained computer
###########################################################

[+] Unconstrained computer (enabled) 	: DC1.FBC.LAB [Windows Server 2016 Standard]

###########################################################
[*] Stats
###########################################################

+--------------------------------------------+------------+-------+
|                Description                 | Percentage | Total |
+--------------------------------------------+------------+-------+
|                 All users                  |    N/A     |   21  |
|             All users (enabed)             |   85.71    |   18  |
|            All users (disabled)            |   14.29    |   3   |
|     Users with 'domain admins' rights      |   16.67    |   3   |
|      Not logged (all) since 6 months       |    0.0     |   0   |
|    Not logged (enabled) since 6 months     |    0.0     |   0   |
| Password not changed > 1 y (enabled only)  |    0.0     |   0   |
| Password not changed > 2 y (enabled only)  |    0.0     |   0   |
| Password not changed > 5 y (enabled only)  |    0.0     |   0   |
| Password not changed > 10 y (enabled only) |    0.0     |   0   |
|               Users with SPN               |   33.33    |   6   |
|          Users with AS REP ROAST           |   11.11    |   2   |
|      Users enabled and has never log       |   88.89    |   16  |
+--------------------------------------------+------------+-------+
Owner
GitHub Repository
The most Advanced yet simple Multi Cloud tool to transfer Your Data from any cloud to any cloud remotely based on Rclone.⚑

Multi Cloud Transfer (Advanced!) πŸ”₯ 1.Setup and Start using Rclone on Google Colab and Create/Edit/View and delete your Rclone config file and keep th

Dr.Caduceus 162 Jan 08, 2023
Pdisk Uploader Bot

pdisk-bot pdisk uploader telegram bot How To Use Configs TG_BOT_TOKEN - Get bot token from @BotFather API_ID - From my.telegram.org API_HASH - From my

lokaman chendekar 25 Oct 21, 2022
Visual Weather api. Returns beautiful pictures with the current weather.

VWapi Visual Weather api. Returns beautiful pictures with the current weather. Installation: sudo apt update -y && sudo apt upgrade -y sudo apt instal

Hotaru 33 Nov 13, 2022
A telegram bot to read RSS feeds

Telegram bot to fetch RSS feeds This is a telegram bot that fetches RSS feeds in regular intervals and send it to you. The feed sources can be added o

Santhosh Thottingal 14 Dec 15, 2022
A simple telegram bot to download from Zee5 links

Zee5 Downloader If you find any bugs, report at @TroJanzSupport My Features: πŸ‘‰ Upload as file/video from any NON-DRM Zee5 link πŸ‘‰ Permanent thumbnail

TroJanzHEX 95 Dec 20, 2022
Parse discord tokens from any file, even if there is other shit in the file with them.

Discord-Token-Parser Parse discord tokens from any file, even if there is other shit in the file with them. Any. File. I glued together all html from

4 May 07, 2022
A Telegram Bot which will ask new Group Members to verify them by solving an emoji captcha.

Emoji-Captcha-Bot A Telegram Bot which will ask new Group Members to verify them by solving an emoji captcha. About API: Using api.abirhasan.wtf/captc

Abir Hasan 52 Dec 11, 2022
Quickly visualize docker networks with graphviz.

Docker Network Graph Visualize the relationship between Docker networks and containers as a neat graphviz graph. Example Usage usage: docker-net-graph

Leo Verto 43 Dec 12, 2022
SUPPORTS 500 GROUPS NO NEED OF BOT πŸ˜‰

LOVELY RADIO SUPPORTS 500 GROUPS NO NEED OF BOT πŸ˜‰ Requirements Telegram API_ID , API_HASH and SESSION_NAME HEROKU Get YouTube live stream link instal

6 Nov 24, 2021
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

aws-allowlister Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance fr

Salesforce 189 Dec 08, 2022
Updater for PGCG (Paradox Game Converters Group) converters written in Python.

Updater Updater for PGCG (Paradox Game Converters Group) converters written in Python. Needs to be put inside an "Updater" directory in the root conve

Paradox Game Converters 2 Jan 10, 2022
NiceHash Python Library and Command Line Rest API

NiceHash Python Library and Command Line Rest API Requirements / Modules pip install requests Required data and where to get it Following data is nee

Ashlin Darius Govindasamy 2 Jan 02, 2022
use python script to fix vmp dump api in ida

FixVmpDump use python script to fix vmp dump api in ida. support x86 and x64. details in my blog: https://blog.csdn.net/yan_star/article/details/11279

97 Nov 02, 2022
Download song lyrics and metadata from Genius.com 🎢🎀

LyricsGenius: a Python client for the Genius.com API lyricsgenius provides a simple interface to the song, artist, and lyrics data stored on Genius.co

John W. Miller 738 Jan 04, 2023
Step by Step Guide To Install Discord Py Master Branch on Replit

Guide to Install Discord Py Master Branch on Replit Step 1 Create an empty repl on replit Step 2 Add this Basic Code to the file main.py so as to chec

Pranav Saxena 7 Nov 18, 2022
A pypi package that helps in generating discord bots.

A pypi package that helps in generating discord bots.

KlevrHQ 3 Nov 17, 2021
TypeRig is a Python library aimed at simplifying the current FontLab API

TypeRig TypeRig is a Python library aimed at simplifying the current FontLab API while offering some additional functionality that is heavily biased t

Vassil Kateliev 41 Nov 02, 2022
A simple economy bot for discord!

Enter all the correct values in the given configuration.json file. Make sure that BOT_TOKEN is a string value, and that OWNER_ID and GUILD_ID are integer values.

WonkyPigs 0 Aug 22, 2022
SkyzoMusicBot - Bot Music Telegram By Skyzo

SKYZO MUSIC BOT Telegram Music Bot And Stream Feature New Version Ready to use m

Skyzo 19 Apr 08, 2022
an OSU! bot sdk based on IRC

osu-bot-sdk an OSU! bot sdk based on IRC Start! The following is an example of event triggering import osu_irc_sdk from osu_irc_sdk import models bot

chinosk 2 Dec 16, 2021