Announcements
SO-CON Recordings are Now Live!
We had an absolute blast hosting SO-CON earlier this year and were incredibly impressed with the caliber of knowledge shared within the community. At last, the recordings of those talks are now live and captured in a single, convenient playlist for your consumption. Enjoy!
Check out all those talks here!
Join us for training at BlackHat USA 2024!
Whether you're a blue- or red-teamer, our courses are designed to elevate your skills and prepare you to tackle advanced threat actors. Don't miss this opportunity to learn from the experts and gain hands-on experience in simulated environments! Courses offered this year include:
- Adversary Tactics: Tradecraft Analysis
- Adversary Tactics: Red Team Operations
- Adversary Tactics: Detection
- Active Directory Security Fundamentals
Click here to learn more, or register now and take your expertise to the next level!
Summary
-
BloodHound (v5.12.0)
- New and Improved Features
- [BHE Only] Visual overhaul of the Attack Paths view
- Added documentation hints to all administrative pages
- Improved analysis performance - SyncLAPSPassword
- Example Azure data is now available
- Bug Fixes
- Improved resolution of AzApp object names
- Reverted a change in Azure ingest that was resulting in inconsistent results in BloodHound
- New and Improved Features
-
SharpHound (v2.4.1 - BHE, v2.4.1 - CE)
- No new release.
-
AzureHound (v2.1.9)
- No new release.
BloodHound (v5.12.0)
New and Improved Features
-
[BHE Only] Attack Paths view visual overhaul - The Attack Paths page has undergone a pretty significant overhaul. These changes include a better use of screen real-estate, and bring several key metrics to the forefront of the page, making it easier to rapidly identify current posture and recent changes.
-
Administrative page documentation - Each of the administrative pages now has a handy explainer for the purpose of the page and links directly to BloodHound Enterprise documentation relevant to the page. These changes will make it easier to find details around the changes you're making to your environment.
-
Improved analysis performance: SyncLAPSPassword - We've updated the logic which results in the SyncLAPSPassword edges in BloodHound. With this change, these edges will more commonly begin from Groups which have this Attack Path primitive within an environment, rather than beginning directly from each user. The result of these changes is the creation of fewer edges during analysis, and improved performance during this step.
Note: This may result in some changes for Attack Path findings in BloodHound Enterprise environments. - Example Azure data is now available - Looking for sample data to try out BloodHound? We've got both AD and Azure sets hosted on GitHub!
Bug Fixes
- Improved resolution of AzApp object names
- Reverted a change in Azure ingest that was resulting in inconsistent results in BloodHound
SharpHound (v2.4.1 - BHE, v2.4.1 - CE)
No new release.
AzureHound (v2.1.9)
No new release.
Updated