Bloodhound

About

Bloodhound is "an Attack Path Management solution that continuously maps and quantifies Active Directory Attack Paths. You can remove millions, even billions of Attack Paths within your existing architecture and eliminate the attacker’s easiest, most reliable, and most attractive techniques."

Bloodhound Docs

Install

Pre-Compiled binaries can be found here

Add the neo4j repo to your apt sources (Echoing this out kept fighting me so I nano'd the file myself)

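wget -O - https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
# A plain '>' redirect runs as the unprivileged user and is denied, so write the file through sudo tee
echo 'deb https://debian.neo4j.com stable 4.4' | sudo tee /etc/apt/sources.list.d/neo4j.list
# Or add the same line to the file by hand
sudo nano /etc/apt/sources.list.d/neo4j.list
sudo apt-get update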

Install apt-transport-https and neo4j

sudo apt install apt-transport-https neo4j

Ensure Neo4j runs properly: stop the service, start it manually in the console, and verify that nothing prevents it from running.

sudo systemctl stop neo4j
cd /usr/bin
sudo ./neo4j console

If it starts properly, start the service

sudo systemctl start neo4j

Once started, go to http://localhost:7474/, log in with the default credentials neo4j:neo4j, and change the password when prompted.

After logging in we should see:

Once we have that started, download a Pre-Compiled binary from here. From inside the unzipped folder we can start Bloodhound.

sudo ./BloodHound.bin --no-sandbox

Log in with neo4j:(password you set), and we're done installing and running.
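A post-install check for the Neo4j instance set up above, added here as an example and not part of the original page: it reads neo4j.conf and warns if any connector listens beyond loopback or if authentication is switched off. The config path /etc/neo4j/neo4j.conf and the function names are assumptions; the setting names are those of Neo4j 4.x.

```shell
#!/bin/sh
# Added example: audit a neo4j.conf for exposed listeners and disabled auth.
# Usage: sh audit_neo4j.sh /etc/neo4j/neo4j.conf   (path is an assumption)

# Print the last uncommented value assigned to key $2 in file $1.
conf_get() {
    awk -v k="$2" '
        /^[ \t]*#/ { next }
        {
            i = index($0, "=")
            if (i == 0) next
            key = substr($0, 1, i - 1); val = substr($0, i + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == k) out = val
        }
        END { print out }' "$1"
}

is_loopback() {
    case "$1" in
        localhost|127.*|::1|"[::1]") return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 when every connector is loopback-only and auth is on, else 1.
audit_neo4j_conf() {
    conf="$1"; rc=0
    default=$(conf_get "$conf" dbms.default_listen_address)
    default=${default:-localhost}      # Neo4j 4.x default when the key is unset
    for c in bolt http https; do
        addr=$(conf_get "$conf" "dbms.connector.$c.listen_address")
        host=${addr%:*}                # "host:port" -> host, ":7474" -> ""
        host=${host:-$default}         # empty host inherits the default
        is_loopback "$host" || { echo "WARN: $c listens on $host"; rc=1; }
    done
    [ "$(conf_get "$conf" dbms.security.auth_enabled)" != "false" ] ||
        { echo "WARN: dbms.security.auth_enabled=false"; rc=1; }
    return "$rc"
}

# Constructed sample: default listen address opened to all interfaces.
sample=$(mktemp)
printf '%s\n' '#dbms.security.auth_enabled=false' \
    'dbms.default_listen_address=0.0.0.0' \
    'dbms.connector.http.listen_address=:7474' > "$sample"
if [ $# -gt 0 ]; then target=$1; else target=$sample; fi
audit_neo4j_conf "$target" && echo "OK: loopback only, auth enabled"
rm -f "$sample"
```

Run without arguments it audits the constructed sample and prints one warning per connector; pass the real config path to audit the installed instance.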

Usage

This is a screenshot from an example but this is what you *can* see
