Tag

red team

Weaponizing Whitelists: An Azure Blob Storage Mythic C2 Profile

TL;DR: Mature enterprises lock down egress but often carve out broad exceptions for trusted cloud services....

Jan 30, 2026

Introducing ConfigManBearPig, a BloodHound OpenGraph Collector for SCCM

tl;dr: Security researchers have discovered 30+ unique attack techniques targeting SCCM in the past several years,...

Jan 13, 2026

Less Praying More Relaying – Enumerating EPA Enforcement for MSSQL and HTTPS

TL;DR – It’s important to know if your NTLM relay will be prevented by integrity protections...

Nov 25, 2025

PingOne Attack Paths

TL;DR: You can use PingOneHound in conjunction with BloodHound Community Edition to discover, analyze, execute, and...

Oct 20, 2025

DCOM Again: Installing Trouble

TL;DR I am releasing a DCOM lateral movement beacon object file (BOF) that uses the Windows...

Sep 29, 2025

Dough No! Revisiting Cookie Theft

TL;DR Chromium based browsers have shifted from using the user’s Data Protection API (DPAPI) master key...

Aug 27, 2025

Entra Connect Attacker Tradecraft: Part 3

TL;DR Attackers can exploit Entra Connect sync accounts to hijack device userCertificate properties, enabling device impersonation...

Jul 30, 2025

Introducing BloodHound 3.0

Intro After several months of development and quality testing, we are proud to announce the release...

Feb 11, 2020