Anthropic-Cybersecurity-Skills/skills/exploiting-active-directory-with-bloodhound/references/api-reference.md
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00


# API Reference: Active Directory Analysis with BloodHound
## SharpHound — Data Collection
### Syntax
```cmd
SharpHound.exe -c All -d domain.local
SharpHound.exe -c DCOnly --ldapusername user --ldappassword pass
```
### Collection Methods
| Flag | Data Collected |
|------|----------------|
| `All` | Everything below |
| `Default` | Group, Session, Trusts, ACL, ObjectProps |
| `DCOnly` | LDAP-only (no sessions) |
| `Session` | Active sessions |
| `ACL` | Access control lists |
| `ObjectProps` | User/computer properties |
## bloodhound-python — Cross-Platform
### Syntax
```bash
bloodhound-python -d domain.local -u user -p pass -c all --zip -ns 10.10.10.1
```
### Options
| Flag | Description |
|------|-------------|
| `-d` | Domain name |
| `-u` | Username |
| `-p` | Password |
| `-c` | Collection method |
| `-ns` | Nameserver (DC IP) |
| `--zip` | Output as ZIP |
## Neo4j Cypher Queries
### Shortest Path to Domain Admins
```cypher
MATCH p=shortestPath(
  (u:User {owned:true})-[*1..]->(g:Group {name:'DOMAIN ADMINS@DOMAIN.LOCAL'})
) RETURN p
```
### Kerberoastable Users
```cypher
MATCH (u:User) WHERE u.hasspn=true AND u.enabled=true
RETURN u.name, u.serviceprincipalnames
```
### Unconstrained Delegation
```cypher
MATCH (c:Computer {unconstraineddelegation:true})
RETURN c.name, c.operatingsystem
```
### DCSync Rights
```cypher
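// Matches principals holding either right; DCSync needs both GetChanges and GetChangesAll on the domain
MATCH p=(u)-[:GetChanges|GetChangesAll]->(d:Domain)
RETURN u.name, d.name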
```
### AS-REP Roastable
```cypher
MATCH (u:User {dontreqpreauth:true})
RETURN u.name, u.enabled
```
## BloodHound JSON Format
### Users JSON
```json
{
  "data": [{
    "Properties": {
      "name": "USER@DOMAIN.LOCAL",
      "enabled": true,
      "admincount": true,
      "hasspn": false
    },
    "Aces": [],
    "MemberOf": []
  }]
}
```
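
An added example (not part of the original reference or the BloodHound project): a defender-side audit over a users export in the shape above, listing enabled accounts that meet the Kerberoastable and AS-REP roastable conditions from the Cypher section so they can be reviewed and remediated. The sample records and the `audit_users` helper are constructed for illustration, and finding `dontreqpreauth` under `Properties` is an assumption based on the Cypher property of the same name.

```python
import json

# Constructed sample in the Users JSON shape shown above; account names are invented.
# Assumption: "dontreqpreauth" appears under Properties, as in the Cypher section.
SAMPLE = json.dumps({"data": [
    {"Properties": {"name": "SVC_SQL@DOMAIN.LOCAL", "enabled": True,
                    "admincount": True, "hasspn": True},
     "Aces": [], "MemberOf": []},
    {"Properties": {"name": "OLDAPP@DOMAIN.LOCAL", "enabled": True,
                    "admincount": False, "hasspn": False, "dontreqpreauth": True},
     "Aces": [], "MemberOf": []},
    {"Properties": {"name": "SVC_RETIRED@DOMAIN.LOCAL", "enabled": False,
                    "admincount": False, "hasspn": True},
     "Aces": [], "MemberOf": []},
    {"Properties": {"name": "ALICE@DOMAIN.LOCAL", "enabled": True,
                    "admincount": False, "hasspn": False},
     "Aces": [], "MemberOf": []},
    {"Aces": [], "MemberOf": []},  # malformed record without Properties
]})


def audit_users(raw):
    """Return {finding: [account names]} for enabled accounts needing review."""
    findings = {"spn_set": [], "no_preauth": [], "privileged_spn": []}
    for entry in json.loads(raw).get("data", []):
        props = entry.get("Properties") or {}
        name = props.get("name")
        # Skip malformed and disabled records; a missing flag counts as False.
        if not name or not props.get("enabled", False):
            continue
        if props.get("hasspn", False):
            findings["spn_set"].append(name)
            # An SPN on an admincount account is the highest-priority fix.
            if props.get("admincount", False):
                findings["privileged_spn"].append(name)
        if props.get("dontreqpreauth", False):
            findings["no_preauth"].append(name)
    return {key: sorted(names) for key, names in findings.items()}


if __name__ == "__main__":
    for finding, names in audit_users(SAMPLE).items():
        print(f"{finding}: {', '.join(names) or '-'}")
```

Accounts under `spn_set` are candidates for long random passwords or group managed service accounts, and accounts under `no_preauth` should have Kerberos pre-authentication re-enabled unless there is a documented need.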
## Neo4j Python Driver
### Connection
```python
from neo4j import GraphDatabase

driver = GraphDatabase.driver("bolt://localhost:7687", auth=("neo4j", "bloodhound"))
with driver.session() as session:
    result = session.run("MATCH (n:User) RETURN count(n)")
    print(result.single()[0])  # read the count before the session closes
driver.close()
```
## BloodHound CE API
### Authentication
```http
POST https://bloodhound:8080/api/v2/login
Content-Type: application/json

{"login_method": "secret", "secret": "api-key-here"}
```
### Search
```http
GET https://bloodhound:8080/api/v2/search?q=admin
Authorization: Bearer {token}
```