A workshop particpation is possible from any PC/lap top/tablet with a stable internet connection. You don´t need additional software. An up-to-date browser is sufficient (current Microsoft Edge, Google Chrome or Firefox). Access to the training lab will also take place via your browser. Exercises can be implemented without additional software. The workshop will of course be transmitted live from the ERNW studio. The workshop material as well as possible demos and of course the trainer are always visible and will be shown depending on the requirements or will be emphasized. We will provide the training material electronically before the start of the course. The trainer will answer questions live. The microfone and/or camera are optional. You can also ask questions via chat.

Requirements: Basic Active Directory knowledge & understanding.

This workshop is designed to enable you to identify critical object relationships within your Enterprise Active Directory environment. Active Directory is at the heart of most major organizations and gaining control of Active Directory is often what an attacker is after in corporate post-Exploitation scenarios. BloodHound is a visualization and evaluation tool designed to graph Active Directory attack paths and visualize Active Directory the way an attacker would see it. Thinking in graphs allows defenders to better understand the complexity of object relationships, identify weak spots to be mitigated, and improve their overall security posture.
• Are you responsible for administrating or securing a complex Active Directory environment?
• Do you want to know how many tier 2 users have a path to your tier 0 assets?
• Do you want to know if your Exchange ACLs open an attack path to your domain controllers?
If the answer to these questions is “yes”, then this workshop has everything you need to use BloodHound efficiently within your environment. The workshop is designed to be hands-on with many practical lessons and covers everything from understanding / performing a basic installation of BloodHound, building basic queries, visualizing object relationships / potential attack paths to more advanced topics like using custom add-ons or automating the whole process of using BloodHound (data collection, ingestion, first analysis etc.). BloodHound has been successfully used in many complex Active Directory environments to visualize critical attack paths that could lead to a full Active Directory compromise. Our trainer will share his experience, lessons learned, tips & tricks and pitfalls from using BloodHound in complex enterprise environments to efficiently identify critical relationships and derive appropriate mitigating controls.