Adapt to new Tier Zero and Owned logic #9
Description
In the "Privileged Zones" update, BloodHound changed a lot regarding how objects are marked as Tier Zero or Owned.
The /asset-groups/ API endpoints are barely used now. There are completely new /asset-group-tags/ endpoints now. And while they look similar, they work differently.
I think the old asset groups with the system_tags (and possibly user_tags) properties are no longer the way to go. The new way looks a bit easier to query fortunately.
But the situation is a bit confusing to me and the migration by SpecterOps might not be complete and there might be bugs currently. Don't know whether the /asset-groups/ API will be completely deprecated.
I think I will wait for another release to watch how things evolve and then adapt to the new API.
For now that means, that the mark subcommand is not fully functional.
For the future, this means that it might no longer be possible to create own asset groups / tags / labels, since the new /asset-group-tags/ API allows this only for enterprise.