Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…

ADPathFinder

0
Medium
Published: 07/15/2026 (07/15/2026, 13:17:36 UTC)
Source: Reddit Cybersecurity

Description

ADPathFinder is an Active Directory attack path mapping and password auditing tool that integrates data from BloodHound collectors including SharpHound, MSSQLHound, and ConfigManBearPig. It automates the identification of privilege escalation paths across AD, ADCS, MSSQL, and SCCM by querying combined graph data, grouping related paths, and producing detailed reports. The tool also enhances password audits by contextualizing cracked passwords with BloodHound graph data, highlighting risks based on account privileges and group memberships. ADPathFinder is intended for use in internal penetration testing engagements to efficiently identify complex attack paths and password weaknesses.

Reddit Discussion

r/cybersecurity·posted by u/Realistic-Promise999
00

I'm incredibly proud to announce the public release of ADPathFinder, an Active Directory attack path mapping tool that works directly with BloodHound collectors. It's the first tool of its type to produce detailed attack mapping across SharpHound and OpenGraph collectors — including MSSQLHound and ConfigManBearPig (SCCM). This enables testers to get the most out of BloodHound for the least amount of effort! It also produces an in-depth password audit, covering password reuse, weak patterns, Kerberoastable accounts, and much more - filtering out disabled accounts by default. Check out the blog, contributors very welcome.

https://www.netspi.com/blog/technical-blog/network-pentesting/adpathfinder-opengraph-attack-path-mapping-in-bloodhound-ce/

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 07/15/2026, 13:32:42 UTC

Technical Analysis

ADPathFinder is a tool designed to map privilege escalation paths within Active Directory environments by combining data from multiple BloodHound collectors (SharpHound, MSSQLHound, ConfigManBearPig) into a unified graph. It identifies shortest paths from low-privileged accounts to high-value targets such as Domain Admins and Domain Controllers, including cross-dataset paths involving AD, ADCS, MSSQL, and SCCM. The tool groups users and computers sharing the same attack paths to reduce duplicate findings and prioritizes paths by severity. Additionally, ADPathFinder performs password audits using cracked NTDS and hashcat results, enriched with BloodHound context to assess password reuse, weak patterns, and roastable accounts. It produces detailed HTML and JSON reports with attack graphs and PowerShell commands for validation. The tool is intended for internal network penetration testing and requires BloodHound CE and Neo4j to operate.

Potential Impact

ADPathFinder itself is a security assessment tool rather than a vulnerability or exploit. Its impact lies in enabling penetration testers and red teams to more efficiently discover and prioritize complex Active Directory attack paths and password weaknesses that could be exploited by adversaries. By automating the correlation of multiple data sources and contextualizing password audit results, it improves the accuracy and speed of internal security assessments. There are no known exploits or malicious use cases inherent to ADPathFinder; it is a legitimate tool for authorized security testing.

Mitigation Recommendations

This is a security assessment tool designed for authorized internal penetration testing. There is no vulnerability or exploit to patch. Organizations should ensure that ADPathFinder and related tools are used only by authorized personnel within controlled environments. No specific remediation or patch is applicable. If unauthorized use is suspected, standard access control and monitoring measures should be enforced.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Source Type
reddit
Subreddit
cybersecurity
Reddit Score
0
Discussion Level
minimal
Content Source
reddit_link_post
Post Type
link
Domain
null
Newsworthiness Assessment
{"score":27,"reasons":["external_link","established_author","very_recent"],"isNewsworthy":true,"foundNewsworthy":[],"foundNonNewsworthy":[]}
Has External Source
true
Trusted Domain
false

Threat ID: 6a578be768715ace43ccce4c

Added to database: 07/15/2026, 13:32:23 UTC

Last enriched: 07/15/2026, 13:32:42 UTC

Last updated: 07/15/2026, 14:47:25 UTC

Views: 3

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Actions

PRO

Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.

Please log in to the Console to use AI analysis features.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses