BloodHound

Bloodhound - Simple

$ sudo apt-get update

$ sudo apt install bloodhound

$ sudo neo4j console

Click the localhost link printed in the console and sign in to neo4j

(Default creds are neo4j/neo4j. Changing them is recommended)

Now run $ bloodhound in the terminal and it should open with a sign-in prompt

BloodHound Python Ingestor

SharpHound - Data Collection for Windows

After BloodHound is Running with Imported Data

Look for:

Sessions, servers within the Domain Admin (DA) path, users within the DA path, users linked with DA, misconfigured AD structures.

e.g. DA accounts should be restricted to logging into the Domain Controller only; if not, this is a misconfig

e.g. Server Admins should be broken up -> Admin Accounts vs. Service Accounts rights; if not, this is a misconfig

Sessions

If no sessions, try to re-do the data collection

Cypher Query Language and Statistics

Go to http://localhost:7474
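
An added example (not from the original notes or from the BloodHound project) of a query to paste into the Neo4j browser to audit the DA logon misconfig described under "Look for". It assumes the legacy BloodHound schema: User, Computer and Group nodes, MemberOf and HasSession edges, and the SID stored in the objectid property.

```cypher
// Added example: audit for DA sessions on machines that are not DCs.
// Assumption: legacy BloodHound schema with the SID in `objectid`.

// 1. Every user that is a Domain Admin, directly or through nested
//    groups (the Domain Admins group SID ends in -512).
MATCH (u:User)-[:MemberOf*1..]->(da:Group)
WHERE da.objectid ENDS WITH '-512'
WITH collect(DISTINCT u) AS domainAdmins

// 2. Computers that hold a session for any of those users.
MATCH (c:Computer)-[:HasSession]->(u:User)
WHERE u IN domainAdmins

// 3. Drop Domain Controllers (members of the group whose SID ends
//    in -516); what remains is a DA logon somewhere other than a DC.
OPTIONAL MATCH (c)-[:MemberOf*1..]->(dc:Group)
WHERE dc.objectid ENDS WITH '-516'
WITH c, u, dc
WHERE dc IS NULL

// 4. One row per offending computer, most DA sessions first.
RETURN c.name AS computer,
       collect(DISTINCT u.name) AS da_sessions,
       count(DISTINCT u) AS da_count
ORDER BY da_count DESC, computer
```

An empty result only means something if the graph contains HasSession edges at all; if it has none, the session data was not collected and the collection needs to be re-run.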

Custom queries

https://github.com/hausec/Bloodhound-Custom-Queries

BloodHound C2
