https://heretek.dev/pt/tags/bloodhound/ Recent content in Bloodhound on Heretek https://heretek.dev/og-image.png https://heretek.dev/og-image.png Hugo pt Sat, 28 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/writeups/htb-certified/ Sat, 28 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/writeups/htb-certified/ Box AD assumed breach. Abuso de WriteOwner num grupo, double shadow credentials chain, e abuso de certificado ADCS ESC9 até Domain Admin. https://heretek.dev/pt/tools/bloodhound-quickstart/ Tue, 24 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/tools/bloodhound-quickstart/ Como eu configuro e uso o BloodHound CE pra enumeração AD — coleta, importação, e encontrando caminhos de ataque. https://heretek.dev/pt/cheatsheets/active-directory/ Tue, 24 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/cheatsheets/active-directory/ Referência rápida pra enumeração AD, ataques Kerberos, lateral movement e comprometimento de domínio. https://heretek.dev/pt/writeups/htb-active/ Tue, 24 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/writeups/htb-active/ Minha primeira box AD. Null session no SMB -> senha GPP no SYSVOL -> Kerberoasting do Administrator -> Domain Admin. https://heretek.dev/pt/writeups/htb-blackfield/ Tue, 24 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/writeups/htb-blackfield/ Box AD Hard. AS-REP Roasting -> BloodHound -> ForceChangePassword -> lsass.DMP -> SeBackupPrivilege -> VSS snapshot -> NTDS.dit -> Domain Admin. https://heretek.dev/pt/writeups/htb-forest/ Tue, 24 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/writeups/htb-forest/ Segunda box AD. AS-REP Roasting sem creds, caminho de ataque no BloodHound por 5 grupos nested, ACL abuse até DCSync. https://heretek.dev/pt/methodology/ad-attack-methodology/ Tue, 24 Mar 2026 00:00:00 +0000 https://heretek.dev/pt/methodology/ad-attack-methodology/ Metodologia passo-a-passo pra atacar Active Directory — a chain que eu sigo em toda box AD.