SO-CON 2025 is a premier cybersecurity summit that offers talks, trainings, and networking events focused on identity-based security and Attack Paths. NetSPI VP of Research, Scott Sutherland gave a presentation at SO-CON 2025 about SMB shares in Active Directory environments.
Hunting SMB Shares with Data, Graphs, Charts, LLMs
Every hacker has a story about abusing SMB shares, but it’s an attack surface that cybersecurity teams still struggle to understand, manage, and defend. This presentation covers simple but effective data analysis techniques to identify, understand, attack, and remediate SMB shares in Active Directory environments. The session includes demos showcasing how these techniques can be applied using PowerShell, Neo4j, Cytoscape, and PowerHuntShares.
About Presenter
Scott Sutherland is Vice President of Research at NetSPI. In this role, he focuses on working with the services and product teams to develop new techniques, tools, and solutions used during engagements. Scott has also been an active participant in the information security community and has contributed multiple open-source tools, technical security blog posts, whitepapers, and presentations. Most notably, PowerUpSQL.
Related Open-Source Projects
Connect With Scott on Social
Bluesky | GitHub | X / Twitter
Explore More Events and Webinars
GDS Security Insight Summit Netherlands
Schedule a 1:1 with Team NetSPI at the GDS Security Insight Summit 27-28 October at the Grand Hotel Huister Duin in Noordwijk Netherlands.
International Cyber Risk Summit
Stop at NetSPI’s booth at the International Cyber Risk Summit July 10-11 at the The Westin DC Downtown in Washington, DC.
VLCM Milwaukee
Register today to join NetSPI in Milwaukee at a Lunch and Learn with VLCM on July 23rd.