SO-CON 2025 is a premier cybersecurity summit that offers talks, trainings, and networking events focused on identity-based security and Attack Paths. NetSPI VP of Research, Scott Sutherland gave a presentation at SO-CON 2025 about SMB shares in Active Directory environments.
Hunting SMB Shares with Data, Graphs, Charts, LLMs
Every hacker has a story about abusing SMB shares, but it’s an attack surface that cybersecurity teams still struggle to understand, manage, and defend. This presentation covers simple but effective data analysis techniques to identify, understand, attack, and remediate SMB shares in Active Directory environments. The session includes demos showcasing how these techniques can be applied using PowerShell, Neo4j, Cytoscape, and PowerHuntShares.
About Presenter
Scott Sutherland is Vice President of Research at NetSPI. In this role, he focuses on working with the services and product teams to develop new techniques, tools, and solutions used during engagements. Scott has also been an active participant in the information security community and has contributed multiple open-source tools, technical security blog posts, whitepapers, and presentations. Most notably, PowerUpSQL.
Related Open-Source Projects
Connect With Scott on Social
Bluesky | GitHub | X / Twitter
Explore More Events and Webinars
NetSPI Agents at BSides Tokyo 2025
Join NetSPI security experts at BSides Tokyo to learn how consumer-grade lasers can replicate nation-state optical hardware attacks.
NetSPI at Infosecurity Europe 2025
NetSPI attended Infosecurity Europe on 3-5 June at ExCel London. Check out our session on Threat Exposure Management.
Black Hat USA
Connect with NetSPI at Black Hat USA, August 6-7 in Las Vegas. Learn how our platform transforms vulnerability management.