In your initial blog post, you had a small teaser about an ntdissector2bloodhound script at the end of the article.
Did you already make any progress on this? :)
In the follow-up article you wrote "Before stumbling upon the ADAM format, we were quite not sure if ntdissector would really be useful to the community".
I myself am a pentester and would likely rather use other tools, such as secretsdump (well now I know what to do should I ever encounter AD LDS ;) ). I however see huge benefits for people in Incident Response. My colleagues often encounter cases where there is only very little logging information available and IT personnel are not able to concisely describe permissions and group memberships of accounts in question.
I see immense value in being able to analyze the infrastructure yourself if no information can be provided.
Being able to visualize everything in BloodHound would further increase the usefulness in my opinion.
Most likely, this is due to my pentesting experience and maybe others would choose completely different workflows. But I think the security industry should try to create synergies wherever possible.
Anyway, thank you for this project! :)
Thank you for your feedback! We are indeed working on an ntdissector2bloodhound script :) There is still some work to be done, but if everything goes well, we should release it for the beginning of June.