Skip to content

BloodHound

(C# and PowerShell Collectors)

Installation

BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a C# data collector.

Download github repo from: https://github.com/BloodHoundAD/BloodHound.

Sharphound is the official data collector for BloodHound.

sudo apt-get install bloodhound

Initialize the console:

sudo neo4j console

Open the browser at the indicated address: http://localhost:7474/

The first time it will ask you for default user and password: neo4j:neo4j.

After loging into the application you will be prompted to change default password.

Basic usage

1. Get SharpHound collector working in the victim's machine:

# Same as with powerview
powershell -ep bypass

# Launch Sharphound
..\Downloads\SharpHound.ps1

# Generate a zip file
Invoke-BloodHound -CollectionMethod All -Domain CONTROLER.local -ZipFileName loot.zip

2. Transfer loot.zip file to you attacker machine

3. Import loot.zip into Bloodhoud.

# Launch Bloodhound interface.
bloodhound
# enter user:password already set before for the neo4j console.

Click on "Upload data". Upload the file.

Last update: 2023-07-05
Created: May 9, 2023 17:16:52