Attack Tool(s): GraphRunner, ROADtools, ScoutSuite, Pacu
- GraphRunner: https://github.com/dafthack/GraphRunner
- ROADtools: https://github.com/dirkjanm/ROADtools
- ScoutSuite: https://github.com/nccgroup/ScoutSuite
- Pacu: https://github.com/RhinoSecurityLabs/pacu
Detection Link(s):
- Security Information and Event Management (SIEM) Log Analysis
- Cloud Event Log Analysis
- Permissions Audit
- User and Entity Behavior Analytics (UEBA)
Helpful Blogs (BHIS):
- “Introducing GraphRunner” – https://www.blackhillsinfosec.com/introducing-graphrunner – Specific to GraphRunner.
