GPTHound: Your Active Directory Security Assistant - Enhancing AD Assessment

Explore the innovative GPTHound: Your Active Directory Security Assistant in this conference talk from the Hack In The Box Security Conference. Dive into the challenges of Active Directory (AD) security and learn how GPTHound leverages Large Language Models (LLMs) to revolutionize the AD assessment process. Discover the four-phase approach, including generating queries for attack path searches, clustering users and hosts, identifying sensitive information across multiple languages, and explaining attack paths with remediation recommendations. Gain insights into the design and implementation of this AI-powered tool, understand the challenges of integrating LLM modules, and examine the impressive results achieved in password detection and attack path analysis. Compare the findings with actual domain conditions from over 20 domains and witness how GPTHound outperforms existing tools in cross-language support and data filtering efficiency.

#HITB2023HKT D2T2 - GPTHound: Your Active Directory Security Assistant - John Jiang