BloodHound
Intro
BloodHound provides a GUI for Active Directory (AD) entities and the relationships between them, built from the data collected by its ingestors. It uses graph theory to map the shortest path to interesting targets such as Domain Admins.
There are built-in queries for frequently used actions. It also supports custom Cypher queries.
neo4j
Install neo4j:
.\neo4j.bat install-service
Start neo4j:
.\neo4j.bat start
Go to localhost:7474 in a browser and change the default credential neo4j:neo4j to neo4j:password. Log into BloodHound now.
SharpHound
Import SharpHound:
. .\SharpHound.ps1
Collect all data:
Invoke-BloodHound -CollectionMethod All -Verbose
The generated archive can be uploaded to the BloodHound application.
To avoid detections like Microsoft Advanced Threat Analytics (ATA):
Invoke-BloodHound -CollectionMethod All -ExcludeDC
Running SharpHound blindly on a victim machine is bad OPSEC.