MacHound : An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts

From kalilinuxtutorials.com

MacHound : An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts

MacHound is an extension to the Bloodhound audting tool allowing collecting and ingesting of Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users, and administrative group members on Mac machines and ingest the information into the Bloodhound database. In addition to using the HasSession and AdminTo edges, MacHound adds three new edges to the Bloodhound database:

  • CanSSH – entity allowed to SSH to host
  • CanVNC – entity allowed to VNC to host
  • CanAE – entity allowed to execute AppleEvent scripts on host

Read more…