Hands-on BloodHound - Intro to Cypher Workshop

This is a one-day training only, taking place on Monday, March 16.

Originally designed for Red Team operations, BloodHound offers a unique way of viewing Active Directory, and can be very useful for Blue Teams, security consultants, or Admins wanting to gain insight on their premises. But the BloodHound database holds a lot of data… Learning some Cypher is a must if you want to get the most out of BloodHound, and this is what we are going to do…

Description

In this training you will:

  • Understand the various components of BloodHound,
  • Learn the ins & outs of the BloodHound UI,
  • Understand the basic of Cypher (neo4j DB query language),
  • Build your own custom queries (metrics),
  • Query BloodHound from the UI / Browser / REST API,
  • Understand how to build tools to expand BloodHound.

Agenda

  • What is BloodHound?
  • Data & Collection
  • Cypher - Basics
  • Cypher - Advanced
  • REST API
  • Custom Tools & Automation

Prerequisites

  • Good understanding of Active Directory.

Requirements

  • Bring your own win10 laptop [or VM] .

About the Speaker