
BloodHound

1. Installation

sudo apt install -y neo4j bloodhound

2. Setup

sudo neo4j console &

Navigate to http://localhost:7474 
Log in as neo4j and change the default password

sudo bloodhound &

Log into the neo4j user account with the new password

3. Data Collection

  1. Run the BloodHound collector agent on the compromised host
  2. This will generate a .zip file
  3. Transfer the .zip file back to Kali
  4. Drag and drop the .zip file onto the BloodHound UI

Collector Agents

https://github.com/BloodHoundAD/BloodHound/tree/master/Collectors
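Before dragging the .zip onto the UI (step 4 above), it can help to confirm the archive survived the transfer intact. The following is an added example, not part of the original page or the BloodHound project. It assumes the collector's usual layout of one JSON file per object type, each with a `data` list and a `meta` object carrying `type` and `count`. The function names and the sample archive are constructed for illustration.

```python
import io
import json
import zipfile

def summarize_collection(zip_source):
    """Return {object_type: {"declared": n, "actual": n}} for a collector archive.

    zip_source is a path or a binary file-like object.
    """
    summary = {}
    with zipfile.ZipFile(zip_source) as archive:
        bad = archive.testzip()  # first member failing its CRC check, else None
        if bad is not None:
            raise ValueError(f"corrupt member in archive: {bad}")
        for name in archive.namelist():
            if not name.lower().endswith(".json"):
                continue
            try:
                doc = json.loads(archive.read(name).decode("utf-8-sig"))
            except (UnicodeDecodeError, json.JSONDecodeError) as exc:
                raise ValueError(f"{name}: not valid JSON ({exc})") from exc
            meta = doc.get("meta") if isinstance(doc, dict) else None
            data = doc.get("data") if isinstance(doc, dict) else None
            if not isinstance(meta, dict) or not isinstance(data, list):
                raise ValueError(f"{name}: missing 'meta' object or 'data' list")
            kind = meta.get("type", "unknown")
            entry = summary.setdefault(kind, {"declared": 0, "actual": 0})
            entry["declared"] += meta.get("count", 0)  # count the file claims
            entry["actual"] += len(data)               # objects actually present
    return summary

def build_sample_zip():
    """Constructed sample archive (not real collector output)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("20240101000000_users.json", json.dumps(
            {"data": [{"ObjectIdentifier": "S-1-5-21-0-0-0-1001"},
                      {"ObjectIdentifier": "S-1-5-21-0-0-0-1002"}],
             "meta": {"type": "users", "count": 2, "version": 5}}))
        # Deliberate mismatch: meta declares 2 objects, data holds 1.
        archive.writestr("20240101000000_computers.json", json.dumps(
            {"data": [{"ObjectIdentifier": "S-1-5-21-0-0-0-2001"}],
             "meta": {"type": "computers", "count": 2, "version": 5}}))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for kind, c in summarize_collection(build_sample_zip()).items():
        flag = "" if c["declared"] == c["actual"] else "  <-- mismatch"
        print(f"{kind}: declared={c['declared']} actual={c['actual']}{flag}")
```

A mismatch between the declared and actual counts, or a `ValueError`, suggests the archive was truncated or altered in transit and should be transferred again before import.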

4. Data Queries

BloodHound ships with pre-built queries that readily provide some insightful data.

  1. Click the menu icon in the top-left
  2. Click the Analysis tab
  3. Use one of the pre-built queries to search the imported data


Official Documentation

https://bloodhound.readthedocs.io/en/latest/index.html