Tool: BloodHound| Names | BloodHound | |
| Category | Tools | |
| Type | Reconnaissance | |
| Description | (PenTestPartners) BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors which come in PowerShell and C# flavours. It can be used on engagements to identify different attack paths in Active Directory (AD), this encompasses access control lists (ACLs), users, groups, trust relationships and unique AD objects. The tool can be leveraged by both blue and red teams to find different paths to targets. The subsections below explain the different and how to properly utilize the different ingestors. | |
| Information | <https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/> <https://github.com/BloodHoundAD/BloodHound> | |
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 20, Violin Panda |  | 2014-2017 | |||
| Stone Panda, APT 10, menuPass | | 2006-Jul 2020 |  | ||
| TA2101, Maze Team | [Unknown] | 2019-Oct 2020 | |||
Other groups | |||||
| Wizard Spider, Gold Blackburn |  | 2014-Nov 2020 | | ||
4 groups listed (3 APT, 1 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |