Tool: BloodHound| Names | BloodHound | |
| Category | Tools | |
| Type | Reconnaissance | |
| Description | (PenTestPartners) BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors which come in PowerShell and C# flavours. It can be used on engagements to identify different attack paths in Active Directory (AD), this encompasses access control lists (ACLs), users, groups, trust relationships and unique AD objects. The tool can be leveraged by both blue and red teams to find different paths to targets. The subsections below explain the different and how to properly utilize the different ingestors. | |
| Information | <https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/> <https://github.com/BloodHoundAD/BloodHound> | |
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 20, Violin Panda |  | 2014-2017 | |||
| Stone Panda, APT 10, menuPass | | 2006-Feb 2021 |  | ||
| TA2101, Maze Team | [Unknown] | 2019-Mar 2021 | | ||
| Traveling Spider | [Unknown] | 2019-Mar 2021 | |||
| UNC2447 | [Unknown] | 2020 | |||
| Wizard Spider, Gold Blackburn |  | 2014-Aug 2021  | | ||
6 groups listed (6 APT, 0 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |