Simple script to extract useful informations from the combo BloodHound + Neo4j

Related tags

Third-party APIs Wrappers bloodhound-quickwin
Overview

bloodhound-quickwin

Simple script to extract useful informations from the combo BloodHound + Neo4j. Can help to choose a target.

Prerequisites

  • python3
pip3 install py2neo
pip3 install pandas

Example

  • Use your favorite ingestor to gather ".json"
  • Start your neo4j console
  • Import "*.json" in bloodhounnd
  • Run ./bhqc.py

Usage

kaluche@pwn $ ./bhqc.py -h
usage: bhqc.py [-h] [-b BOLT] [-u USERNAME] [-p PASSWORD]

Quick win for bloodhound + neo4j

optional arguments:
  -h, --help            show this help message and exit
  -b BOLT, --bolt BOLT  Neo4j bolt connexion (default: bolt://127.0.0.1:7687)
  -u USERNAME, --username USERNAME
                        Neo4j username (default : neo4j)
  -p PASSWORD, --password PASSWORD
                        Neo4j password (default : neo4j)

Output

kaluche@pwn $ ./bhqw.py

###########################################################
[*] Enumerating all domains admins (rid:512|544) (recursive)
###########################################################

[+] Domain admins (group) 	: DOMAIN [email protected]
[+] Domain admins (group) 	: ENTERPRISE [email protected]
[+] Domain admins (group) 	: [email protected]
[+] Domain admins (enabled) 	: [email protected] [LASTLOG: < 1 year]
[+] Domain admins (enabled) 	: [email protected] [SPN] [LASTLOG:  NEVER]
[+] Domain admins (enabled) 	: [email protected] [ASREP] [LASTLOG:  NEVER]

###########################################################
[*] Enumerating privileges SPN
###########################################################

[+] SPN DA (enabled) 	: [email protected]

###########################################################
[*] Enumerating privileges AS REP ROAST
###########################################################

[+] AS-Rep Roast DA (enabled) 	: [email protected]

###########################################################
[*] Enumerating all SPN
###########################################################

[+] SPN (enabled) 	: [email protected]
[+] SPN (enabled) 	: [email protected]
[+] SPN (enabled) 	: [email protected]
[+] SPN (enabled) 	: [email protected] [AdminCount]
[+] SPN (enabled) 	: [email protected]
[+] SPN (disabled) 	: [email protected] [AdminCount]

###########################################################
[*] Enumerating AS-REP ROSTING
###########################################################

[+] AS-Rep Roast (enabled) 	: [email protected]
[+] AS-Rep Roast (enabled) 	: [email protected] [AdminCount]

###########################################################
[*] Enumerating Unconstrained account
###########################################################

[+] Unconstrained user (enabled) 	: [email protected]

###########################################################
[*] Enumerating Constrained account
###########################################################

[+] Constrained user (enabled) 	: [email protected] ['snmp/dc1.FBC.LAB']

###########################################################
[*] Enumerating Unconstrained computer
###########################################################

[+] Unconstrained computer (enabled) 	: DC1.FBC.LAB [Windows Server 2016 Standard]

###########################################################
[*] Stats
###########################################################

+--------------------------------------------+------------+-------+
|                Description                 | Percentage | Total |
+--------------------------------------------+------------+-------+
|                 All users                  |    N/A     |   21  |
|             All users (enabed)             |   85.71    |   18  |
|            All users (disabled)            |   14.29    |   3   |
|     Users with 'domain admins' rights      |   16.67    |   3   |
|      Not logged (all) since 6 months       |    0.0     |   0   |
|    Not logged (enabled) since 6 months     |    0.0     |   0   |
| Password not changed > 1 y (enabled only)  |    0.0     |   0   |
| Password not changed > 2 y (enabled only)  |    0.0     |   0   |
| Password not changed > 5 y (enabled only)  |    0.0     |   0   |
| Password not changed > 10 y (enabled only) |    0.0     |   0   |
|               Users with SPN               |   33.33    |   6   |
|          Users with AS REP ROAST           |   11.11    |   2   |
|      Users enabled and has never log       |   88.89    |   16  |
+--------------------------------------------+------------+-------+
You might also like...
A simple Discord bot wrote with Python. Kizmeow let you track your NFT project and display some useful information
A simple Discord bot wrote with Python. Kizmeow let you track your NFT project and display some useful information

Kizmeow-OpenSea-and-Etherscan-Discord-Bot 中文版 | English Ver A Discord bot wrote with Python. Kizmeow let you track your NFT project and display some u

Xeift 93 Dec 31, 2022
Simple Telegram Bot to extract various types of archives from a telegram file or a direct link

Unzipper Bot A Telegram Bot to Extract Various Types Of Archives Features Extract various types of archives like rar, zip, tar, 7z, tar.xz etc. Passwo

I'm Not A Bot #Left_TG 93 Dec 27, 2022
Useful tools for building interactions in Python

discord-interactions-python Types and helper functions for Discord Interactions webhooks. Installation Available via pypi: pip install discord-interac

Discord 77 Dec 7, 2022
IMDbPY is a Python package useful to retrieve and manage the data of the IMDb movie database about movies, people, characters and companies

IMDbPY is a Python package for retrieving and managing the data of the IMDb movie database about movies, people and companies. Revamp notice Starting

Davide Alberani 1.1k Jan 2, 2023
Automation for grabbing keys from a Linux host. Useful during red team exercises to quickly help assess what access to a Linux host can lead to.

keygrabber Automation for grabbing keys from a Linux host. This can be helpful during red team exercises when you gain access to a Linux host and want

Cedric Owens 14 Sep 27, 2022
RevSpotify is a fast, useful telegram bot to have Spotify music on Telegram.
RevSpotify is a fast, useful telegram bot to have Spotify music on Telegram.

RevSpotify A Telegram Bot that can download music from Spotify RevSpotify is a fast, useful telegram bot to have Spotify music on Telegram. ✨ Features

Alireza Shabani 12 Sep 12, 2022
A repo containing toolings and software useful for a DevOps Engineer

DevOps-Tooling A repo containing toolings and software useful for a DevOps Engineer (or if you're setting up your Mac from the beginning) Currently se

Mohamed Abukar 45 Dec 12, 2022
Algofi Python SDK is useful for developers who want to programatically interact with the Algofi lending protocol

algofi-py-sdk Algofi Python SDK Documentation https://algofi-py-sdk.readthedocs.

Algofi 41 Dec 15, 2022
A Open source Discord Token Grabber with several very useful features coded in python 3.9
A Open source Discord Token Grabber with several very useful features coded in python 3.9

Kiwee-Grabber A Open source Discord Token Grabber with several very useful features coded in python 3.9 This only works on any python 3.9 versions. re

Vesper 40 Jan 1, 2023
Owner
null
GitHub
VALORANT rank yoinker lets you retrieve the ranks and basic informations of everyone in the lobby, regardless of gamemode.

vRY VALORANT rank yoinker Retrieve the rank and basic information of everyone in the lobby, regardless of gamemode. Table of Contents Terms of Use Abo

Isaac Kenyon 270 Dec 30, 2022
A python package for fetching informations from GitHub API

Py-GitHub A python package for fetching informations from GitHub API Made with Python3 (C) @FayasNoushad Copyright permission under MIT License Licens

Fayas Noushad 6 Nov 28, 2021
Gets instagram public username and returns usefull informations like profilepic(b64), video_urls etc.

InstaSucker Gets instagram public username and returns usefull informations like profilepic(b64), video_urls etc. Information this project contains a

Armin Amiri 5 Apr 30, 2022
Adriano's Diets Consulting Bot - Parses and extracts informations about your diet (files in the Adriano's format).

Adriano's Diets Consulting Bot - Parses and extracts informations about your diet (files in the Adriano's format).

Marco A. 2 Feb 7, 2022
It is a useful project for developers that includes useful tools for Instagram

InstagramIG It is a useful project for developers that includes useful tools for Instagram Installation : pip install InstagramIG Logan Usage from In

Sidra ELEzz 14 Mar 14, 2022
Create a Neo4J graph of users and roles trust policies within an AWS Organization.

AWS_ORG_MAPPER This tool uses sso-oidc to authenticate to the AWS organization. Once authenticated the tool will attempt to enumerate all users and ro

Ruse 24 Jul 28, 2022
An simple python script for remove rockstar account for fivem, very useful for cheating or change account for unban from an server, remember change steam account.

This tool is used for be unbanned from servers, u need disconnect the discord, use other steam account and uninstall xbox for be unbanned 100%, it only work for unban in server, not global

MiguDEV 4 Oct 10, 2022
Python script to extract all Humble Bundle keys and redeem them on Steam automagically.

humble-steam-key-redeemer Python script to extract all Humble keys and redeem them on Steam automagically. This is primarily designed to be a set-it-a

null 74 Jan 8, 2023
Python script that extract data via YouTube Api and manipulates it.

UNLIMITED README for the Unlimited game [Mining game] Explore the docs » View Demo · Report Bug · Request Feature Table of Contents About The Project

Serban Chisca 1 Dec 12, 2021
A simple but useful Discord Selfbot with essential features, made with discord.py-self.

Discord Selfbot Xyno Discord Selfbot Xyno is a simple but useful selfbot for Discord. It has currently limited useful features but it will be updated

Amit Pathak 7 Apr 24, 2022