BloodHoundAD / SharpHound2

The Old BloodHound C# Ingestor (Deprecated)

Add collection for Remote Management Users #83

Open RiccardoAncarani opened 5 years ago

RiccardoAncarani commented 5 years ago

I added support for collecting local membership of the group "Remote Management Users", which can be used to define users that can access a target machine using PowerShell remoting.

For example, I am pushing the group "Domain Users" into the local group "Remote Management Users", as can be seen in the screenshot below from my test domain:

image

and, as you can see, the user RANCARANI is able to Enter-PSSession in the domain controller:

image

The result within BloodHound is the following:

image

I added the edge CanPSRemote.

I will create the pull request for the Electron app as soon as I can.
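A defender-side check for the condition described in the comment above, as an added example that is not part of this pull request or of SharpHound's code: it lists the members of the local "Remote Management Users" group on the machine it runs on and flags broad principals such as Domain Users. It assumes Windows PowerShell 5.1 or later with the Microsoft.PowerShell.LocalAccounts module; the function names and the list of "broad" SIDs are choices made for this example.

```powershell
# Added example: audit the local "Remote Management Users" group.
# The group is addressed by its well-known SID (S-1-5-32-580) so the check
# also works on systems where the group name is localized.

function Test-BroadPrincipal {
    param([string]$Sid)
    # Well-known broad principals: Everyone, Authenticated Users, BUILTIN\Users
    $wellKnown = @('S-1-1-0', 'S-1-5-11', 'S-1-5-32-545')
    # Domain Users is the domain SID followed by RID 513
    return ($Sid -in $wellKnown) -or ($Sid -match '^S-1-5-21-\d+-\d+-\d+-513$')
}

function Get-RemoteManagementAudit {
    try {
        $members = Get-LocalGroupMember -SID 'S-1-5-32-580' -ErrorAction Stop
    } catch {
        # Enumeration can fail, for example when the group holds an orphaned SID
        Write-Warning "Could not enumerate group: $($_.Exception.Message)"
        return
    }
    foreach ($m in $members) {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Member   = $m.Name
            Sid      = $m.SID.Value
            Class    = $m.ObjectClass
            Broad    = Test-BroadPrincipal -Sid $m.SID.Value
        }
    }
}

# Broad principals first, so risky memberships are at the top of the table
Get-RemoteManagementAudit | Sort-Object Broad -Descending | Format-Table -AutoSize
```

A row with `Broad` set to `True` means a large population of accounts can open PowerShell remoting sessions to that host, which is the relationship the CanPSRemote edge records.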

RiccardoAncarani commented 5 years ago

I just realised that I removed the SharpHound icon in this pull request, sorry for that! A very smart AV was picking up the binary because of the icon.