BloodHound

BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attacks can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify.

You can find the tool here :

After installing it, start your neo4j plateform :

neo4j console

and start your bloodhound in another tab by typing

bloodhound

Now bloodhound needs data, and it does so by using an ingestor called SharpHound, you should download, move and execute that script on your domain user that you compromised by typing

powershell -ep bypass
. .\SharpHound.ps1
Invoke-BloodHound -CollectionMethod All -Domain TARGETDOMAIN -ZipFileName bloodhound.zip

once you finish that, copy the zip file to your system, and feed it to bloodhound through drag and drop or import data functionality.

PreviousPingCastle NextOther

Last updated 4 years ago