Bloodhound
About
Bloodhound is "an Attack Path Management solution that continuously maps and quantifies Active Directory Attack Paths. You can remove millions, even billions of Attack Paths within your existing architecture and eliminate the attacker’s easiest, most reliable, and most attractive techniques."
Install
Pre-Compiled binaries can be found here
Add the neo4j repo to your apt sources (Echoing this out kept fighting me so I nano'd the file myself)
wget -O - https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
echo 'deb https://debian.neo4j.com stable 4.4' > /etc/apt/sources.list.d/neo4j.list
sudo apt-get updatesudo nano /etc/apt/sources.list.d/neo4j.list
Install apt-transport-https and neo4j
sudo apt install apt-transport-https neo4jEnsure Neo4j runs properly. Stop the service, manually start it and verify no issues prevent it from running
sudo systemctl stop neo4j
cd /usr/bin
sudo ./neo4j console
If it start properly, start the service
sudo systemctl start neo4jOnce started, go to: http://localhost:7474/ log in with neo4j:neo4j, change the password when prompted.
After logging in we should see:
Once we have that started, download a Pre-Compiled binary from here. From inside the unzipped folder we can start Bloodhound.
sudo ./BloodHound.bin --no-sandbox
Login with neo4j:(password you set), and we're done installing and running.
Usage
This is a screenshot from an example but this is what you *can* see
Last updated