SO-CON 2025 is a premier cybersecurity summit that offers talks, trainings, and networking events focused on identity-based security and Attack Paths. NetSPI VP of Research, Scott Sutherland gave a presentation at SO-CON 2025 about SMB shares in Active Directory environments.
Hunting SMB Shares with Data, Graphs, Charts, LLMs
Every hacker has a story about abusing SMB shares, but it’s an attack surface that cybersecurity teams still struggle to understand, manage, and defend. This presentation covers simple but effective data analysis techniques to identify, understand, attack, and remediate SMB shares in Active Directory environments. The session includes demos showcasing how these techniques can be applied using PowerShell, Neo4j, Cytoscape, and PowerHuntShares.
About Presenter

Scott Sutherland is Vice President of Research at NetSPI. In this role, he focuses on working with the services and product teams to develop new techniques, tools, and solutions used during engagements. Scott has also been an active participant in the information security community and has contributed multiple open-source tools, technical security blog posts, whitepapers, and presentations. Most notably, PowerUpSQL.
Related Open-Source Projects
Connect With Scott on Social
Bluesky | GitHub | X / Twitter
Explore More Events and Webinars

DEF CON 33
Learn what Team NetSPI is doing at DEF CON 33 this year in Las Vegas – from talks to contests, don’t miss your chance to connect with us!

BSides Las Vegas
Learn what Team NetSPI is doing at BSides Las Vegas – 3 talks about affordable hardware security tooling, how to give a CFP, and cybersecurity leadership.

GDS Security Insight Summit Netherlands
Schedule a 1:1 with Team NetSPI at the GDS Security Insight Summit 27-28 October at the Grand Hotel Huister Duin in Noordwijk Netherlands.