Skip to main content

Documentation Index

Fetch the complete documentation index at: https://specterops-enable-tls-feedback.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Applies to BloodHound Enterprise and CE The following Privilege Zone rules can be imported into BloodHound to group nodes for Cypher query analysis and BloodHound Enterprise finding generation.
This file is automatically generated from the JSON Privilege Zone rule files.

Organization

Organization nodes in Okta. Zone: Tier Zero 
MATCH (n:Okta_Organization)
RETURN n
This rule is defined in the organization.json file.

Tier Zero Devices

Devices associated with principals who have SUPER_ADMIN or ORG_ADMIN role assignments. Zone: Tier Zero 
MATCH (n:Okta_Device)-[:Okta_DeviceOf]->(:Okta)-[:Okta_HasRoleAssignment|Okta_MemberOf*1..2]->(r:Okta_RoleAssignment)-[:Okta_ScopedTo]->(:Okta_Organization)
WHERE r.type = "SUPER_ADMIN"
OR r.type = "ORG_ADMIN"
RETURN n
This rule is defined in the tier0-devices.json file.

Tier Zero Principals

Principals with SUPER_ADMIN or ORG_ADMIN role assignments. Zone: Tier Zero 
MATCH (n:Okta)-[:Okta_HasRoleAssignment|Okta_MemberOf*1..2]->(r:Okta_RoleAssignment)-[:Okta_ScopedTo]->(:Okta_Organization)
WHERE r.type = "SUPER_ADMIN"
OR r.type = "ORG_ADMIN"
RETURN n
This rule is defined in the tier0-principals.json file.