BloodHound is a monolithic web application composed of an embedded React frontend with Sigma.js and a Go based REST API backend. It is deployed with a Postgresql application database and a Neo4j graph database, and is fed by the SharpHound and AzureHound data collectors.
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory or Azure environment.
BloodHound CE is created and maintained by the BloodHound Enterprise Team. The original BloodHound was created by @_wald0, @CptJesus, and @harmj0y.
The easiest way to get up and running is to use our pre-configured Docker Compose setup. The following steps will get BloodHound CE up and running with the least amount of effort.
- Install Docker Compose. This should be included with the Docker Desktop installation
- Run
curl -L https://ghst.ly/getbhce | docker compose -f - up
- Locate the randomly generated password in the terminal output of Docker Compose
- In a browser, navigate to
https://localhost:8080/ui/login
. Login with a username ofadmin
and the randomly generated password from the logs
NOTE: going forward, the default docker-compose.yml
example binds only to localhost (127.0.0.1). If you want to access BloodHound outside of localhost,
you'll need to follow the instructions in examples/docker-compose/README.md to configure the host binding for the container.
- BloodHound Slack
- Wiki
- Contributors
- Docker Compose Example
- BloodHound Docs
- Developer Quick Start Guide
- Contributing Guide
Please check out the Contact page in our wiki for details on how to reach out with questions and suggestions.
Copyright 2023 Specter Ops, Inc.
Licensed under the Apache License, Version 2.0
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Unless otherwise annotated by a lower-level LICENSE file or license header, all files in this repository are released
under the Apache-2.0
license. A full copy of the license may be found in the top-level LICENSE file.