SO-CON 2025 is a premier cybersecurity summit that offers talks, trainings, and networking events focused on identity-based security and Attack Paths. NetSPI VP of Research, Scott Sutherland gave a presentation at SO-CON 2025 about SMB shares in Active Directory environments.
Hunting SMB Shares with Data, Graphs, Charts, LLMs
Every hacker has a story about abusing SMB shares, but it’s an attack surface that cybersecurity teams still struggle to understand, manage, and defend. This presentation covers simple but effective data analysis techniques to identify, understand, attack, and remediate SMB shares in Active Directory environments. The session includes demos showcasing how these techniques can be applied using PowerShell, Neo4j, Cytoscape, and PowerHuntShares.
About Presenter

Scott Sutherland is Vice President of Research at NetSPI. In this role, he focuses on working with the services and product teams to develop new techniques, tools, and solutions used during engagements. Scott has also been an active participant in the information security community and has contributed multiple open-source tools, technical security blog posts, whitepapers, and presentations. Most notably, PowerUpSQL.
Related Open-Source Projects
Connect With Scott on Social
Bluesky | GitHub | X / Twitter
Explore More Events and Webinars

GDS Security Insight Summit Netherlands
Schedule a 1:1 with Team NetSPI at the GDS Security Insight Summit 27-28 October at the Grand Hotel Huister Duin in Noordwijk Netherlands.

4th Annual NetSPI Golf Tournament
Tee off with NetSPI at the 4th Annual NetSPI Golf Tournament Benefiting M Health Fairview Masonic Children's Hospital on September 8th.

GDS Security Insight Summit Atlanta
Meet NetSPI at the GDS Security Insight Summit September 8-9 in Atlanta, Georgia.