Tags: SpecterOps/BloodHoundQueryLibrary
Tags
Some new queries (#18) * Create Accounts related to AAD Entra Connect and their sessions.yml * Update and rename Accounts related to AAD Entra Connect and their sessions.yml to Accounts related to AAD Entra Connect.yml * Create Domain Admin to OU mapping .yml * Create Owners of Azure Applications.yml * Create Owners of Azure Subscriptions.yml * Create All Paths to Azure VMs.yml * Update and rename All Paths to Azure VMs.yml to Shortest Paths from Azure Users to Azure VMs.yml * Update Shortest Paths from Azure Users to Azure VMs.yml * Create Shortest Paths from Owned Azure Users to Azure VMs.yml * Create Shortest Paths from Owned Azure Users to Azure Keyvaults.yml * Create Shortest Paths from Azure Users to Azure Keyvaults.yml * Create All direct Controllers of MS Graph * Create All privileged Azure Service Principals.yml * Create All Azure VMs with a tied Managed Identity.yml * Rename All direct Controllers of MS Graph to All direct Controllers of MS Graph.yml * Update Accounts related to AAD Entra Connect.yml Updated to also support Microsoft Entra Cloud Sync * Delete queries/Domain Admin to OU mapping .yml Query is redundant as it is a limited scope (only DA) compared to https://queries.specterops.io/?input=18a83a17-b451-4343-acfe-7620516e2968&name=Locations+of+Tier+Zero+%2F+High+Value+objects * Update Shortest Paths from Azure Users to Azure Keyvaults.yml * Update Shortest Paths from Azure Users to Azure VMs.yml * Update Shortest Paths from Owned Azure Users to Azure Keyvaults.yml * Update Shortest Paths from Owned Azure Users to Azure VMs.yml --------- Co-authored-by: Martin Sohn Christensen <[email protected]>