Add 3 Hounds #90
Walkthrough
Adds and updates OpenGraph library catalog entries in documentation: new entries for ManagerOfHound (Active Directory), IAMhounddog (AWS), runZeroHound (AWS), TaskHound (Windows), and renames the Rapid7 entry from "Rapid7 InsightVM" to "Rapid7". Changes are confined to
Estimated code review effort: 🎯 2 (Simple) | ⏱️ ~10 minutes
Pre-merge checks and finishing touches
❌ Failed checks (2 warnings)
✅ Passed checks (1 passed)
Actionable comments posted: 1
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
docs/opengraph/library.mdx (2 hunks)
🔇 Additional comments (1)
docs/opengraph/library.mdx (1)
294-310: TaskHound entry looks good. The new TaskHound entry follows the established formatting and structure of other community contributions. The description is clear, author attribution is present, and the repository link is included.
Other than CR's comment about the URL for runZero, looks good.
Actionable comments posted: 0
🧹 Nitpick comments (1)
docs/opengraph/library.mdx (1)
236-249: Minor: Clarify Rapid7 entry scope. The accordion title was changed to "Rapid7" (from "Rapid7 InsightVM"), but the tool heading still says "OpenGraph DLT (Rapid7 InsightVM)". If this entry is now intended to cover broader Rapid7 products, consider updating the tool name heading for consistency. If it remains InsightVM-specific, the title could reflect that.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
docs/opengraph/library.mdx (4 hunks)
🔇 Additional comments (3)
docs/opengraph/library.mdx (3)
59-77: Well-formatted new Active Directory entry. The ManagerOfHound entry follows all conventions: proper SO_Icon usage, clear description of the functionality, accurate author/org attribution, and valid repo link. No issues detected.
251-267: Previous URL issue resolved; entry looks good. The runZeroHound entry correctly links to https://www.runzero.com/ (addressing the prior review's concern about incorrect organization URL). The entry follows all formatting conventions with proper community icon usage, author attribution, and valid repo link. ✅
313-328: Well-formatted new Windows Scheduled Tasks entry. The TaskHound entry follows community entry conventions: proper icon usage, clear description of functionality, valid author link, and valid repo. The absence of organization affiliation is consistent with other community entries in this catalog. No issues detected.
Actionable comments posted: 0
🧹 Nitpick comments (1)
docs/opengraph/library.mdx (1)
236-249: Minor: Consider updating heading to match shortened accordion title. The accordion title was shortened to "Rapid7" (line 236), but the internal heading still reads "OpenGraph DLT (Rapid7 InsightVM)" (line 238). Either approach is valid—keeping the full name provides clarity about which Rapid7 tool this is, while matching the title improves consistency. No action required unless you prefer uniform title/heading naming.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
docs/opengraph/library.mdx (4 hunks)
🔇 Additional comments (3)
docs/opengraph/library.mdx (3)
251-266: ✅ Past review issue resolved. The runZeroHound author affiliation URL has been correctly updated to https://www.runzero.com/. The fix from the previous review has been applied properly.
60-77: ✅ ManagerOfHound entry looks good. Properly formatted with clear description, author attribution to SpecterOps, and valid repository link. Includes helpful reference to the demonstration post. Consistent with other SpecterOps entries in the catalog.
313-328: ✅ TaskHound entry is well-structured. Clear description of the tool's purpose, proper community icon attribution, and valid repository link. The author lacks an organization affiliation, which is appropriate for community contributions. Formatting is consistent with other community entries in the catalog.
Just a few minor editorial suggestions.
|
|
||
| **Description** | ||
|
|
||
| ManagerOfHound is an OpenGraph extension for BloodHound that collect manager-subordinate relationships from Active Directory and exports them as custom "ManagerOf" edges for BloodHound ingestion. |
| ManagerOfHound is an OpenGraph extension for BloodHound that collect manager-subordinate relationships from Active Directory and exports them as custom "ManagerOf" edges for BloodHound ingestion. | |
| ManagerOfHound is an OpenGraph extension for BloodHound that collects manager-subordinate relationships from Active Directory and exports them as custom "ManagerOf" edges for BloodHound ingestion. |
|
|
||
| ManagerOfHound is an OpenGraph extension for BloodHound that collect manager-subordinate relationships from Active Directory and exports them as custom "ManagerOf" edges for BloodHound ingestion. | ||
|
|
||
| Some organizations implement self-service portals where managers can control the user accounts of their subordinates (e.g. password resets). This can create implicit privilege escalation paths not captured by the default BloodHound edges. ManagerOfHound makes these hidden relationships visible through OpenGraph, enabling security teams to identify and assess novel attack paths in their environment. |
| Some organizations implement self-service portals where managers can control the user accounts of their subordinates (e.g. password resets). This can create implicit privilege escalation paths not captured by the default BloodHound edges. ManagerOfHound makes these hidden relationships visible through OpenGraph, enabling security teams to identify and assess novel attack paths in their environment. | |
| Some organizations implement self-service portals where managers can control the user accounts of their subordinates (e.g., password resets). This can create implicit privilege escalation paths not captured by the default BloodHound edges. ManagerOfHound makes these hidden relationships visible through OpenGraph, enabling security teams to identify and assess novel attack paths in their environment. |
|
|
||
| Windows Privileged Scheduled Task Discovery Tool for fun and profit. | ||
|
|
||
| TaskHound hunts for Windows scheduled tasks that run with privileged accounts and stored credentials. It enumerates tasks over SMB, parses XMLs, and identifies high-value attack opportunities through BloodHound export support. |
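Review bot: In the TaskHound description, "identifies high-value attack opportunities through BloodHound export support" reads as though the export feature performs the identification. Consider separating the two statements: the tool flags scheduled tasks that run with privileged accounts and stored credentials, and it supports exporting those results for BloodHound ingestion. The tagline line above it ("for fun and profit") is also more informal than the other catalog descriptions visible in this change, so it may be worth aligning its tone with them.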
Does "XMLs" refer to "XML files"? If so, I would use the latter as a general doc style convention.
Add: runZeroHound & TaskHound