Skip to main content

Documentation Index

Fetch the complete documentation index at: https://specterops-fetch-json-component.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Applies to BloodHound Enterprise and CE The following Cypher rules define the default Privilege Zone for the OktaHound extension. Each rule is defined in a JSON file located in the PrivilegeZoneRules directory of the OktaHound repository.

Organization

Organization nodes in Okta. 
MATCH (n:Okta_Organization)
RETURN n
This rule is defined in the organization.json file.

Tier Zero Devices

Devices associated with principals who have SUPER_ADMIN or ORG_ADMIN role assignments. 
MATCH (n:Okta_Device)-[:Okta_DeviceOf]->(:Okta)-[:Okta_HasRoleAssignment|Okta_MemberOf*1..2]->(r:Okta_RoleAssignment)-[:Okta_ScopedTo]->(:Okta_Organization)
WHERE r.type = "SUPER_ADMIN"
OR r.type = "ORG_ADMIN"
RETURN n
This rule is defined in the tier0-devices.json file.

Tier Zero Principals

Principals with SUPER_ADMIN or ORG_ADMIN role assignments. 
MATCH (n:Okta)-[:Okta_HasRoleAssignment|Okta_MemberOf*1..2]->(r:Okta_RoleAssignment)-[:Okta_ScopedTo]->(:Okta_Organization)
WHERE r.type = "SUPER_ADMIN"
OR r.type = "ORG_ADMIN"
RETURN n
This rule is defined in the tier0-principals.json file.