bloodhound
TLDR
Start BloodHound GUI
SYNOPSIS
bloodhound [options]
DESCRIPTION
BloodHound is a security tool that uses graph theory to reveal hidden relationships and attack paths within Active Directory environments. It visualizes complex trust relationships, group memberships, and permissions that attackers could exploit to compromise domain administrators.
The tool consists of two components: collectors (SharpHound for Windows, bloodhound-python for Linux) that enumerate Active Directory objects, and the BloodHound GUI that imports this data into a Neo4j graph database for analysis.
Security teams use BloodHound to identify and remediate dangerous configurations, while penetration testers use it to find privilege escalation paths. Built-in queries find common attack paths like "Shortest Path to Domain Admin" or "Kerberoastable Users."
PARAMETERS
--database path
Path to Neo4j database.--import file
Import JSON data file on startup.--neo4j-uri uri
URI for Neo4j connection.--neo4j-user user
Neo4j username.--neo4j-password pass
Neo4j password.--debug
Enable debug logging.--version
Display version information.
DATA COLLECTION
SharpHound (Windows):
CAVEATS
BloodHound is a powerful security tool that requires proper authorization before use. Collecting data from Active Directory may trigger security alerts. The tool shows theoretical attack paths; actual exploitation requires additional steps. Neo4j must be running before starting BloodHound. Large environments may require significant memory for analysis.
HISTORY
BloodHound was created by Andy Robbins, Rohan Vazarkar, and Will Schroeder at SpecterOps and first presented at DEF CON 24 in 2016. It revolutionized Active Directory security assessments by visualizing complex relationships that were previously difficult to analyze manually. The tool is open source and has become an industry standard for AD security assessment.
SEE ALSO
neo4j(1), impacket(1), ldapsearch(1)
