ADTrapper: Open-Source Active Directory Security Analysis Platform скачать в хорошем качестве

ADTrapper: Open-Source Active Directory Security Analysis Platform

🔐 Introducing ADTrapper - an open-source Active Directory security analysis platform that transforms Windows authentication logs into interactive visualizations and actionable threat intelligence. 🎯 WHAT IS ADTRAPPER? ADTrapper is an open-source security analysis platform specifically designed for analyzing Active Directory authentication logs. It provides visual threat detection, automated anomaly analysis, and comprehensive coverage of AD CS vulnerabilities (ESC1-ESC16). ✨ KEY FEATURES • 54+ Detection Rules - Brute force, password spray, privilege escalation, ADCS attacks • Interactive Graph Visualization - Force-directed graphs showing authentication relationships • AD CS Security - ESC1-ESC16 vulnerability detection (Locksmith compatible) • SharpHound Integration - BloodHound data analysis • Splunk HEC Integration - Forward alerts to your SIEM • REST API - Automate threat hunting workflows • No Authentication Required - Quick analysis for incident response • Docker Deployment - Production-ready in 5 minutes 🛡️ DETECTION CAPABILITIES Authentication Attacks: Brute force, password spray, credential stuffing Behavioral Anomalies: Geographic anomalies, impossible travel, off-hours access Privilege Escalation: Explicit credentials, privilege chains, service account abuse AD CS Vulnerabilities: ESC1-ESC16, certificate theft, CA backup access Network Patterns: SMB enumeration, RDP abuse, NTLM relay detection 🔗 LINKS GitHub: https://github.com/MHaggis/ADTrapper Documentation: https://github.com/MHaggis/ADTrapper#... Detection Rules: https://github.com/MHaggis/ADTrapper/... 📚 RESOURCES MENTIONED • Locksmith (Jake Hildreth): AD CS security assessment tool • BloodHound/SharpHound: AD attack path analysis