Wednesday, October 27, 2021

Detecting LDAP enumeration and Bloodhound‘s Sharphound collector using Active Directory Decoys

Detecting LDAP enumeration and Bloodhound‘s Sharphound collector using AD Decoys Madhukar Raina Follow Jul 28 · 9 min read

Introduction

In this blog post, we’ll discuss how to detect enumeration done by Bloodhound’s SharpHound collector and LDAP Reconnaissance activities in an Active Directory environment. We’ll be using deception to detect this by creating a few decoy accounts (or honey accounts) and mixing them with the real accounts. Decoy accounts are the ones that are created for deceptiv…

Read More

Latest news
Related news