Good morning all and #happywednesday! I stumbled across this article by Secureworks, which does a fantastic job at gathering artifacts that appear to better understand the #SharpHound collector that helps #BloodHound gather information. This is a great article with the trail of artifacts that come from the network and the host. This type of article always takes me back to where I started, which is when I stumbled across the 'Tool Analysis Result Sheet' from the JPCERT/CC. Both are great resources and I hope you enjoy them as much as I did! Have a wonderful day and Happy Hunting!
Sniffing Out SharpHound on its Hunt for Domain Admin
https://www.secureworks.com/blog/sniffing-out-sharphound-on-its-hunt-for-domain-admin
Tool Analysis Result Sheet
https://www.jpcert.or.jp/english/
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
Detecting Active Directory Data Collection https://medium.com/falconforce/falconfriday-detecting-active-directory-data-collection-0xff21-c22d1a57494c #blueteam #sharphound
*SharpHound Cheat Sheet*
https://github.com/SadProcessor/HandsOnBloodHound/blob/master/BH21/BH4_SharpHound_Cheat_Dark.pdf
#cheatsheet #bloodhound #sharphound