Bloodhound Data Collection

This is part 2 of the series on BloodHound. For setting up the database and the tool, refer to Part 1.

BloodHound data collection is done using the BloodHound.ps1 file located at: https://github.com/adaptivethreat/BloodHound/tree/master/PowerShell

Clone the file and upload it to a host where you have a foothold. From either a CMD or PS shell, cd to a folder where you have write access and follow these steps:

1. Upload the BloodHound.ps1 file
2. powershell.exe -Exec Bypass
3. Import-Module BloodHound.ps1
4. Get-BloodHoundData | Export-BloodHoundCSV
5. Export the .csv files locally

*There is an API for sending the data directly from Cobalt Strike to BloodHound but it is not described in […]

Bloodhound Setup

BloodHound is a tool developed by @_wald0, @CptJesus, and @harmj0y. It is a single-page JavaScript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor. BloodHound is developed on the interesting principle of six degrees of separation, which states that all living things and everything else in the world are six or fewer steps away from each other. This was brought into hacking terms as six degrees of domain admin.

Source Repository: https://github.com/adaptivethreat/BloodHound
Binary Releases: https://github.com/adaptivethreat/BloodHound/releases
Wiki Page: https://github.com/adaptivethreat/BloodHound/wiki

The installation instructions below are directed towards macOS users but the same steps should apply for […]