m8r1us / bloodhound-notebook

BloodHound Cypher Queries Ported to a Jupyter Notebook

BloodHound Notebook Project

BloodHound Cypher Queries Ported to a Jupyter Notebook. A community-driven effort to document and share Cypher queries via Jupyter Notebooks.

Jupyter Book: https://bloodhoundnotebook.com

Use Cases:

  • Teach about Neo4j Cypher applied to BloodHound via notebooks
  • Capture Input (Cypher Queries) and Output (Results) for documentation and reporting purposes
  • Automate the execution of several queries in a practical and easy-to-reproduce way
  • Allow the InfoSec community to run Cypher Queries interactively through a browser (Nothing installed locally) and for FREE

How To Collaborate

  • The InfoSec community benefits the more queries we share!
  • Open a PR and share a query following a similar YAML file format:

    title: Kerberoastable Users
    id: A272812C-1FF8-4D4D-B24A-69F482CB1133
    creation_date: 2020/06/20
    author: Ryan Hausknecht (@haus3c)
    description: Find All Users with an SPN/Find all Kerberoastable Users
    references:
      - https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/
    query: |-
      MATCH (n:User) WHERE n.hasspn=true
      RETURN n.name

  • Save that query in the queries folder.
  • The following script is then run after the PR is approved to update all the docs and the community notebook.
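
A pre-merge check for a submitted query file, as an added example (not the project's own script): it parses the layout shown above with a minimal stand-in parser and reports missing fields, a malformed id or creation_date, and graph-modifying Cypher clauses. The required-field list and the read-only policy are assumptions of this example, and the function names are hypothetical.

```python
import re
import uuid
from datetime import datetime

REQUIRED = ("title", "id", "creation_date", "author", "description", "query")
# Assumed policy for this example: shared queries are read-only.
WRITE_CLAUSES = re.compile(r"\b(CREATE|MERGE|DELETE|SET|REMOVE|DROP|LOAD\s+CSV)\b", re.I)

def parse_query_file(text):
    """Minimal parser for this flat layout: scalars, '- ' lists, '|-' blocks."""
    doc, key, block = {}, None, False
    for line in filter(str.strip, text.splitlines()):
        if not line[0].isspace():                      # top-level "key: value"
            key, _, value = (p.strip() for p in line.partition(":"))
            block = value in ("|", "|-")
            doc[key] = "" if block else (value or [])
        elif block:                                    # line of a block scalar
            doc[key] = (doc[key] + "\n" + line.strip()).lstrip("\n")
        elif isinstance(doc.get(key), list) and line.strip().startswith("- "):
            doc[key].append(line.strip()[2:].strip())
    return doc

def validate(doc):
    """Return a list of problems; an empty list means the file passes."""
    problems = [f"missing field: {f}" for f in REQUIRED if not doc.get(f)]
    checks = (("id", uuid.UUID, "a UUID"),
              ("creation_date", lambda s: datetime.strptime(s, "%Y/%m/%d"), "YYYY/MM/DD"))
    for field, parse, want in checks:
        try:
            parse(str(doc.get(field, "")))
        except ValueError:
            problems.append(f"{field} is not {want}")
    if hit := WRITE_CLAUSES.search(str(doc.get("query", ""))):
        problems.append(f"query contains write clause: {hit.group(1).upper()}")
    return problems

# Constructed input: the example file from this README.
SAMPLE = """\
title: Kerberoastable Users
id: A272812C-1FF8-4D4D-B24A-69F482CB1133
creation_date: 2020/06/20
author: Ryan Hausknecht (@haus3c)
description: Find All Users with an SPN/Find all Kerberoastable Users
references:
  - https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/
query: |-
  MATCH (n:User) WHERE n.hasspn=true
  RETURN n.name
"""
print(validate(parse_query_file(SAMPLE)) or "ok")
```

The clause match is a keyword lint, so a hit means the query needs a reviewer's eye rather than that it is certainly destructive.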

Author

Roberto Rodriguez (@Cyb3rWard0g)

License: GNU General Public License v3.0