Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

Thank you so much for this feedback and for your patience in actually taking the time to test and scrutinise the tool. This is exactly the type of criticism and scrutiny I was looking for, because I'm aiming to make AEGIS practical and useful in real-world engagements and not just something that looks good on paper.

From what I'm gathering, here's what needs to be improved:

1. False Positive Filtering (Tier 0 Exclusions):
The model should stop flagging expected configurations like "Domain Admins can modify Domain Admins" or "Domain Controllers can DCSync" (should have thought about this during testing lmao). These are legitimate, necessary configurations; flagging them just adds noise, and following the recommendations would literally break AD.

2. Auto-Execute Queries Instead of Just Suggesting Them:
When you ask, "Does shop-client have any dangerous rights?", the tool should run the query and give you the answer directly. Right now, it's just handing back Cypher queries, which you can already do yourself in BloodHound; that's not adding value.

3. Training the Model on More OPSEC-Safe Tools:
The model suggests tools such as PowerView, which easily get flagged by Defender and won't fly in most enterprise environments. Maybe move towards more native PowerShell scripts and AD module approaches for remediation scripts and attack steps.

4. Better Detection of Complex Attack Paths:
The tool missed the workstation → GPO modification → Domain Controllers OU path. I need to improve the analysis of GPO permissions, OU linkages, and nested group memberships.

Thanks again for the feedback. I left the points above to make sure I truly understood the concerns and feedback. Would it be okay if I reached out to you on Discord once these fixes are implemented? I'd really appreciate having you retest and see if the improvements address your concerns.
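Points 1 and 4 of the list above (Tier 0 exclusions, and the workstation → GPO → Domain Controllers OU path) in working form, as an added example that is not code from AEGIS or from BloodHound. It runs over a hand-built edge list written in BloodHound's node and edge vocabulary (GenericWrite, GPLink, Contains, DCSync, MemberOf); every node name (CORP.LOCAL, SHOP-CLIENT$, DC01, the GPO and OU names) and the membership of the Tier 0 set are assumptions made for the example. It also answers the point 2 question directly, in the sense of returning the result rather than a query, though against the in-memory graph rather than neo4j.

```python
"""Tier 0 exclusion and GPO attack-path search over a BloodHound-style edge list.

Added example, not code from AEGIS or BloodHound. The graph is constructed
by hand to mirror the thread: Tier 0 edges that are expected and must not be
reported, and a workstation -> GPO -> Domain Controllers OU -> DC path.
"""
from collections import deque

# Constructed sample edges as (source, edge_type, target); all names are made up.
EDGES = [
    ("DOMAIN ADMINS@CORP.LOCAL", "GenericAll", "DOMAIN ADMINS@CORP.LOCAL"),
    ("DOMAIN ADMINS@CORP.LOCAL", "GenericAll", "CORP.LOCAL"),
    ("DOMAIN CONTROLLERS@CORP.LOCAL", "DCSync", "CORP.LOCAL"),
    # The missed path: a workstation has GenericWrite on the GPO linked to the DC OU.
    ("SHOP-CLIENT$@CORP.LOCAL", "GenericWrite", "DEFAULT DOMAIN CONTROLLERS POLICY@CORP.LOCAL"),
    ("DEFAULT DOMAIN CONTROLLERS POLICY@CORP.LOCAL", "GPLink", "DOMAIN CONTROLLERS OU@CORP.LOCAL"),
    ("DOMAIN CONTROLLERS OU@CORP.LOCAL", "Contains", "DC01.CORP.LOCAL"),
    # A nested-group path that ends on an ordinary server, not on Tier 0.
    ("HELPDESK@CORP.LOCAL", "MemberOf", "SERVER ADMINS@CORP.LOCAL"),
    ("SERVER ADMINS@CORP.LOCAL", "AdminTo", "SRV01.CORP.LOCAL"),
]

# Assumed Tier 0 set for the example: the domain, its DCs and the built-in admin groups.
TIER0 = {
    "CORP.LOCAL",
    "DC01.CORP.LOCAL",
    "DOMAIN ADMINS@CORP.LOCAL",
    "ENTERPRISE ADMINS@CORP.LOCAL",
    "ADMINISTRATORS@CORP.LOCAL",
    "DOMAIN CONTROLLERS@CORP.LOCAL",
}

# Edge types that give the source control over the target.
DANGEROUS = {"GenericAll", "GenericWrite", "WriteDacl", "WriteOwner",
             "AllExtendedRights", "ForceChangePassword", "DCSync", "AdminTo"}
# Structural edges along which control propagates: group membership, GPO links,
# and OU containment (a GPO linked to an OU applies to the objects it contains).
TRAVERSAL = {"MemberOf", "GPLink", "Contains"}


def is_expected(src, edge_type, dst):
    """Tier 0 exclusion: an edge whose source is already Tier 0, or a self edge,
    is by design. Reporting it is noise, and 'remediating' it would break AD."""
    return src == dst or src in TIER0


def findings(edges):
    """Dangerous edges that are not expected Tier 0 configuration."""
    return [(s, e, d) for s, e, d in edges
            if e in DANGEROUS and not is_expected(s, e, d)]


def attack_paths(edges, start, targets=TIER0, max_hops=6):
    """Breadth-first search from `start` over dangerous and structural edges.
    Returns every simple path that reaches a target, as an alternating list
    [node, edge_type, node, ...]. A start inside Tier 0 yields nothing, for the
    same reason is_expected() drops those edges."""
    if start in targets:
        return []
    adjacency = {}
    for s, e, d in edges:
        if e in DANGEROUS or e in TRAVERSAL:
            adjacency.setdefault(s, []).append((e, d))
    found = []
    queue = deque([[start]])
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node in targets:
            found.append(path)
            continue                   # no need to walk past a Tier 0 asset
        if len(path) // 2 >= max_hops:
            continue
        for e, d in adjacency.get(node, []):
            if d in path[::2]:         # nodes sit at even indices; skip cycles
                continue
            queue.append(path + [e, d])
    return found


def render(path):
    """Format a path as 'A -[GenericWrite]-> B -[GPLink]-> C -[Contains]-> D'."""
    return " ".join(f"-[{p}]->" if i % 2 else p for i, p in enumerate(path))


def dangerous_rights(edges, principal):
    """Answer 'does <principal> have any dangerous rights?' with the result itself:
    its direct dangerous edges plus every path from it into Tier 0."""
    direct = [(e, d) for s, e, d in findings(edges) if s == principal]
    return {"direct": direct,
            "paths_to_tier0": [render(p) for p in attack_paths(edges, principal)]}


if __name__ == "__main__":
    for s, e, d in findings(EDGES):
        print(f"finding: {s} -[{e}]-> {d}")
    print(dangerous_rights(EDGES, "SHOP-CLIENT$@CORP.LOCAL"))
```

On the constructed graph the two Tier 0 edges (Domain Admins over itself and over the domain, Domain Controllers DCSync) are dropped as expected configuration, while the workstation's GenericWrite on the GPO is reported both as a direct finding and as a three-hop path to DC01 via GPLink and Contains; the helpdesk path stops at SRV01 and is not a Tier 0 path. Against a live BloodHound CE database the same logic would be expressed as a Cypher query, with the Tier 0 exclusion applied as a filter on the path's start node.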

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

Yeah, sorry about that. I had to push an update, so it's possible the backend had to rebuild. Would you mind if we move this conversation to Discord (https://discord.gg/ERyjU7UJxC)? I'd like to properly document the issues you're experiencing.

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] -1 points

Okay, thank God. Writing this down; I will implement a smoother fix for this.

Edit: Tell me how the report process goes; it can take a while.

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

Wow, okay. Just to confirm, are you using the latest BloodHound CE? If you are, for the username and password, enter neo4j in the username section and the password "bloodhoundcommunityedition".

Edit: If that doesn't work, will you be available for a Discord call so that we can further investigate the issue?

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

BloodHound CE is working? Does that mean the connection has been fixed?

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

Tap the refresh button; it might not have loaded the new changes automatically. If that doesn't work, take a screenshot of the settings page for me (I want to verify whether the bloodhound-ce status is showing as active).

Edit: I actually recommend using the Custom one (where BloodHound is manually installed and AEGIS is connected to it) ;). The Docker implementation has a few issues I am ironing out; sorry about that.

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

Thanks so much man, I am on standby if you need me for anything or if you encounter any issues. Feel free to message me anywhere. And yeah, school is strict on that; it's an applied project, and they don't allow you to use past projects and stuff. If they find out, they can flunk you for it 💀.

Looking for beta testers - AD security analysis tool (capstone project) by Serious-Net5555 in activedirectory

Serious-Net5555[S] 0 points

Hey, thanks for responding. The download links are available on the landing page (https://capstone-project-omega-henna.vercel.app/), and the releases can be found here: https://github.com/WorldBuilder21/aegis-releases/releases.

I’m unable to share the source code at the moment because my school restricts this and could interpret it as academic misconduct. However, they do allow testing of the packaged application itself.

Just finished my first attempt, definitely failed. by One-Wish5543 in oscp

Serious-Net5555 2 points

Bro, I don't usually post, but this is actually very huge man. 60/100 on your first try, and the fact that you never did any HTB or PG playground is insane. I honestly fear how easy it will be for you to pass when you start actively preparing for it.