Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide Demo JSON Files with a "bad" Active Directory for self-learning #238

Closed
abe-cyb87 opened this issue Nov 22, 2023 · 3 comments
Closed

Provide Demo JSON Files with a "bad" Active Directory for self-learning #238

abe-cyb87 opened this issue Nov 22, 2023 · 3 comments
Labels
enhancement New feature or request ticketed (automation only) Ticket has been created internally for tracking

Comments

@abe-cyb87
Copy link

Feature Description:
DEMO JSON Files with "best of the worst" AD Configuration(s) to analyse, learn and demonstrate

Provide a clear and concise description of the feature you're requesting.
It would be nice to have demo JSON Files with a test Active Directory with lots of attack paths to explore. This would be nice to learn to analyze such paths and to demonstrate and teach others.
They dont need to be updated often or anything like that. But if you want to get started with Bloodhound its nice to have some files at hand to learn about the gui.

Current Behavior:
There are no demo files :-)

Explain how the software behaves currently in relation to the feature you're requesting.

Desired Behavior:

Describe how you envision the software behaving after the proposed feature is implemented.

Use Case:
Analyze and Self-learn, Demonstration purpose and teaching co-workers.

Explain the context in which this feature would be useful. How will it benefit users or contributors?
To explore the bloodhound gui and learn about attack paths. Some paths you don't encounter often in the real world, but when you do its nice to have some practice with it.

Implementation Suggestions:
Demo Active Directory with aaaaaaall the bad stuff in it and then let sharphound do its sniffing.

Optional: If you have any suggestions on how this feature could be implemented, you can provide them here.

Additional Information:

Include any other relevant information that could help in understanding or implementing the feature.
@abe-cyb87 abe-cyb87 added enhancement New feature or request triage This issue requires triaging labels Nov 22, 2023
@lbrauns
Copy link

lbrauns commented Dec 19, 2023

Just to make you aware, you can easily build that for yourself :) The project BadBlood automates the build of a bad domain: https://github.com/davidprowe/BadBlood

@spyr0-sec
Copy link
Contributor

There seems to be some demo files buried deep in the source code, someone from SpecterOps might be able to confirm if these are appropriate to use - https://github.com/SpecterOps/BloodHound/tree/main/cmd/api/src/test/fixtures/fixtures/v6/all
Otherwise to follow on from the above I've uploaded some that was generated from my lab (built on top of BadBlood) that also contains all ESC1-8 attack paths - https://github.com/spyr0-sec/AutomatedBadLab/tree/main/PostInstallationActivities/AutomatedBadLab/BHCE_Dataset

@slokie-so slokie-so added ticketed (automation only) Ticket has been created internally for tracking and removed triage This issue requires triaging labels Mar 26, 2024
@StephenHinck
Copy link
Collaborator

Example data has been provided here: https://github.com/SpecterOps/BloodHound/tree/main/examples/sample-data

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request ticketed (automation only) Ticket has been created internally for tracking
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@StephenHinck @lbrauns @spyr0-sec @abe-cyb87 @slokie-so