BHEAttackPathsData_CL


Attribute Value
Ingestion API Supported ✓ Yes

Schema (38 columns)

Source: KQL validation test schema

Column Name Type
Accepted bool
AcceptedUntil string
ComboGraphRelationID int
created_at string
deleted_at dynamic
domain_name string
DomainSID string
Environment string
ExposureCount int
ExposurePercentage int
Finding string
id int
ImpactCount int
ImpactedPrincipal string
ImpactedPrincipalEnvironment string
ImpactedPrincipalEnvironmentID string
ImpactedPrincipalKind string
ImpactedPrincipalName string
ImpactedPrincipalProps dynamic
ImpactPercentage int
IsInherited string
LongRemediation string
NonTierZeroPrincipal string
NonTierZeroPrincipalEnvironment string
NonTierZeroPrincipalEnvironmentID string
NonTierZeroPrincipalKind string
NonTierZeroPrincipalName string
NonTierZeroPrincipalProps dynamic
PathTitle string
PrincipalHash string
RelProps dynamic
Remediation string
Severity string
ShortDescription string
ShortRemediation string
tenant_url string
TimeGenerated datetime
updated_at string

Solutions (1)

This table is used by the following solutions:

Connectors (1)

This table is ingested by the following connectors:

Connector Selection Criteria
Bloodhound Enterprise

Content Items Using This Table (104)

Analytic Rules (102)

In solution BloodHound Enterprise:

Analytic Rule Selection Criteria
BloodHound Attack Path Finding - AKS Contributor Role on Tier Zero Managed Cluster
BloodHound Attack Path Finding - AS-REP Roastable User Accounts
BloodHound Attack Path Finding - Add Key Credential Link Privileges on Tier Zero Objects
BloodHound Attack Path Finding - Add Member Privileges on Tier Zero Security Groups
BloodHound Attack Path Finding - Add Members to Tier Zero Group
BloodHound Attack Path Finding - Add Owner to Tier Zero Object via MS Graph App Role
BloodHound Attack Path Finding - Add Resource-Based Constrained Delegation Privileges on Tier Zero Computers
BloodHound Attack Path Finding - Add Secret to Tier Zero Principal
BloodHound Attack Path Finding - AddOwner Role on Tier Zero Resource
BloodHound Attack Path Finding - AddSelf Privilege on Tier Zero Security Groups
BloodHound Attack Path Finding - Admins on Tier Zero Computers
BloodHound Attack Path Finding - AllExtended Privileges on Tier Zero Objects
BloodHound Attack Path Finding - App Admin Control of Tier Zero Principal
BloodHound Attack Path Finding - Avere Contributor Role on Tier Zero Virtual Machine
BloodHound Attack Path Finding - Cloud App Admin Over Tier Zero Principal
BloodHound Attack Path Finding - Command Execution on Tier Zero Virtual Machine
BloodHound Attack Path Finding - Computers Vulnerable to Coercion-Based NTLM Relay to SMB Attack
BloodHound Attack Path Finding - Constrained Delegation on Tier Zero Computers
BloodHound Attack Path Finding - Contributor Role on Tier Zero Automation Account
BloodHound Attack Path Finding - Contributor Role on Tier Zero Resource
BloodHound Attack Path Finding - DCOM Users on Tier Zero Computers
BloodHound Attack Path Finding - ForceChangePassword Privileges on Tier Zero Objects
BloodHound Attack Path Finding - GenericAll Privileges on Tier Zero Objects
BloodHound Attack Path Finding - GenericWrite Privileges on Tier Zero Objects
BloodHound Attack Path Finding - Get Certifcates on Tier Zero Key Vault
BloodHound Attack Path Finding - Get Keys on Tier Zero Key Vault
BloodHound Attack Path Finding - Get Secrets on Tier Zero Key Vault
BloodHound Attack Path Finding - Kerberoastable User Accounts
BloodHound Attack Path Finding - Kerberos Delegation on Tier Zero Objects
BloodHound Attack Path Finding - Key Vault Contributor Role on Tier Zero Resource
BloodHound Attack Path Finding - Large Default Group With SyncLapsPassword Privileges
BloodHound Attack Path Finding - Large Default Groups With Add Key Credential Link Privileges
BloodHound Attack Path Finding - Large Default Groups With Add Member Privileges
BloodHound Attack Path Finding - Large Default Groups With Add Self Privileges
BloodHound Attack Path Finding - Large Default Groups With All Extended Privileges
BloodHound Attack Path Finding - Large Default Groups With ForceChangePassword Privileges
BloodHound Attack Path Finding - Large Default Groups With GenericAll Privileges
BloodHound Attack Path Finding - Large Default Groups With GenericWrite Privileges
BloodHound Attack Path Finding - Large Default Groups With Limited Ownership Privileges
BloodHound Attack Path Finding - Large Default Groups With Ownership Privileges
BloodHound Attack Path Finding - Large Default Groups With RDP Access
BloodHound Attack Path Finding - Large Default Groups With Read GMSA Password Privileges
BloodHound Attack Path Finding - Large Default Groups With Read LAPS Password Privileges
BloodHound Attack Path Finding - Large Default Groups With Resource-Based Constrained Delegation Privileges
BloodHound Attack Path Finding - Large Default Groups With WriteAccountRestrictions Privileges
BloodHound Attack Path Finding - Large Default Groups With WriteDacl Privilege
BloodHound Attack Path Finding - Large Default Groups With WriteGpLink Privilege
BloodHound Attack Path Finding - Large Default Groups With WriteOwner Privileges
BloodHound Attack Path Finding - Large Default Groups With WriteOwnerLimitedRights Privileges
BloodHound Attack Path Finding - Large Default Groups With WriteServicePrincipalName Privileges
BloodHound Attack Path Finding - Large Default Groups in DCOM Users Groups
BloodHound Attack Path Finding - Large Default Groups in Local Administrator Groups
BloodHound Attack Path Finding - Large Default Groups in PS Remote Users Groups
BloodHound Attack Path Finding - Large Default Groups in SQL Admins Groups
BloodHound Attack Path Finding - Legacy SID History on Tier Zero Objects
BloodHound Attack Path Finding - Limited Ownership Privileges on Tier Zero Objects
BloodHound Attack Path Finding - Logic App Contributor Role on Tier Zero Logic App
BloodHound Attack Path Finding - Logons From Tier Zero Users
BloodHound Attack Path Finding - Non Tier Zero Principals With ADCS ESC1 Privileges
BloodHound Attack Path Finding - Non Tier Zero Principals With ADCS ESC10 Scenario A Privileges
BloodHound Attack Path Finding - Non Tier Zero Principals With ADCS ESC13 Privileges Against Tier Zero Group
BloodHound Attack Path Finding - Non Tier Zero Resource Assigned to Tier Zero Service Principal
BloodHound Attack Path Finding - Non-Tier Zero AD User Synced to Tier Zero Entra User
BloodHound Attack Path Finding - Non-Tier Zero Computer Hosting EnterpriseCA Trusted for NT Authentication
BloodHound Attack Path Finding - Non-Tier Zero Entra User Synced to Tier Zero AD User
BloodHound Attack Path Finding - Non-Tier Zero Principal Can Grant Tier Zero App Roles
BloodHound Attack Path Finding - Non-Tier Zero Principal Can Grant Tier Zero Entra ID Role
BloodHound Attack Path Finding - Non-Tier Zero Principal Trusted for Unconstrained Delegation
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC10 Scenario B Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC3 Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC4 Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC6 Scenario A Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC6 Scenario B Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC9 Scenario A Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With ADCS ESC9 Scenario B Privileges
BloodHound Attack Path Finding - Non-Tier Zero Principals With DCSync Privileges
BloodHound Attack Path Finding - Owner Role on Tier Zero Resource
BloodHound Attack Path Finding - Ownership Privileges on Tier Zero Objects
BloodHound Attack Path Finding - Ownership of Tier Zero Principal
BloodHound Attack Path Finding - PS Remote Users on Tier Zero Computers
BloodHound Attack Path Finding - RDP Users on Tier Zero Computers
BloodHound Attack Path Finding - Read GMSA Password Privileges on Tier Zero Objects
BloodHound Attack Path Finding - ReadLapsPassword Privileges on Tier Zero Objects
BloodHound Attack Path Finding - Reset a Tier Zero User's Password
BloodHound Attack Path Finding - SQL Admin Users on Tier Zero Computers
BloodHound Attack Path Finding - SyncLapsPassword Privileges on Tier Zero Objects
BloodHound Attack Path Finding - Tier Zero Computer Vulnerable to Coercion-Based NTLM Relay to ADCS (ESC8) Attack
BloodHound Attack Path Finding - Tier Zero Computer Vulnerable to Coercion-Based NTLM Relay to LDAP Attack
BloodHound Attack Path Finding - Tier Zero Computer Vulnerable to Coercion-Based NTLM Relay to LDAPS Attack
BloodHound Attack Path Finding - Tier Zero Group Control via MS Graph App Role
BloodHound Attack Path Finding - Tier Zero SMSA Installed on Non-Tier Zero Computer
BloodHound Attack Path Finding - Tier Zero Service Principal Control via MS Graph App Role
BloodHound Attack Path Finding - User Access Admin Role on Tier Zero Resource
BloodHound Attack Path Finding - VM Admin Login Role on Tier Zero System
BloodHound Attack Path Finding - VM Contributor Role on Tier Zero System
BloodHound Attack Path Finding - Website Contributor Role on Tier Zero Resource
BloodHound Attack Path Finding - Write Account Restrictions Privileges on Tier Zero Objects
BloodHound Attack Path Finding - WriteDacl Privileges on Tier Zero Objects
BloodHound Attack Path Finding - WriteGpLink Privileges on Tier Zero Objects
BloodHound Attack Path Finding - WriteOwner Privileges on Tier Zero Objects
BloodHound Attack Path Finding - WriteOwnerLimitedRights Privileges on Tier Zero Objects
BloodHound Attack Path Finding - WriteServicePrincipalName Privileges on Tier Zero Objects

Workbooks (2)

In solution BloodHound Enterprise:

Workbook Selection Criteria
BloodHoundEnterpriseAttackPathDetails
BloodHoundEnterpriseAttackPathOverview
