BloodHoundCE

BloodHound Community Edition (CE) Installation

This article walks through installing BloodHound Community Edition (CE) on Kali Linux for pentesting and red teaming.

Update

sudo apt update

Install Docker and Docker Compose

sudo apt install -y docker.io
sudo apt install -y docker-compose

Alternative Method to Install Docker Compose

# Compose v2 release assets use a lowercase OS name (e.g. docker-compose-linux-x86_64)
version=$(wget -qO- https://api.github.com/repos/docker/compose/releases/latest | grep '"tag_name"' | cut -d'"' -f4)
sudo wget -q -O /usr/local/bin/docker-compose "https://github.com/docker/compose/releases/download/$version/docker-compose-$(uname -s | tr '[:upper:]' '[:lower:]')-$(uname -m)"
sudo chmod +x /usr/local/bin/docker-compose
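
The alternative method above writes a downloaded binary into /usr/local/bin as root without checking it. The following is an added example, not part of the original article: two shell functions that verify a download against a SHA-256 checksum list before it is made executable. The function names, the checksum file name and the paths are assumptions, and the demo uses a constructed stand-in file rather than a real release.

```bash
#!/usr/bin/env bash
# Added example: check a downloaded binary against a SHA-256 checksum list
# (sha256sum format: "<hex>  <name>" or "<hex> *<name>") before installing it.

# lookup_checksum <checksum_file> <asset_name>
# Prints the lowercase digest listed for asset_name; non-zero if none is listed.
lookup_checksum() {
    awk -v name="$2" '
        { f = $2; sub(/^\*/, "", f) }            # strip binary-mode marker
        f == name && length($1) == 64 && $1 !~ /[^0-9a-fA-F]/ {
            print tolower($1); found = 1; exit
        }
        END { exit !found }
    ' "$1"
}

# verify_download <file> <checksum_file> [asset_name]
# Returns 0 on match, 1 on mismatch, 2 when the list has no usable entry.
verify_download() (
    file=$1; sums=$2; name=${3:-$(basename "$1")}
    expected=$(lookup_checksum "$sums" "$name") || {
        echo "no valid checksum entry for $name" >&2; exit 2; }
    actual=$(sha256sum "$file" 2>/dev/null | cut -d' ' -f1)
    [ "$expected" = "$actual" ] || {
        echo "checksum mismatch for $name" >&2; exit 1; }
)

# Constructed demo, no network: a stand-in file plays the downloaded binary.
demo=$(mktemp -d)
asset=docker-compose-linux-x86_64
printf 'stand-in binary\n' > "$demo/$asset"
( cd "$demo" && sha256sum "$asset" > checksums.txt )
verify_download "$demo/$asset" "$demo/checksums.txt" && echo "verified"
printf 'extra bytes\n' >> "$demo/$asset"           # simulate a modified download
verify_download "$demo/$asset" "$demo/checksums.txt" || echo "rejected"
rm -rf "$demo"

# In the install step, gate chmod on the result (paths are placeholders):
#   verify_download /usr/local/bin/docker-compose /tmp/checksums.txt "$asset" \
#       && sudo chmod +x /usr/local/bin/docker-compose
```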

Download BloodHound CE

sudo mkdir /opt/bloodhoundce
sudo wget -q -O /opt/bloodhoundce/docker-compose.yml https://ghst.ly/getbhce

Start BloodHound CE

sudo docker-compose -f /opt/bloodhoundce/docker-compose.yml up

BloodHound Community Edition (CE) Usage

Log in with the email address: admin

http://localhost:8080/ui/login

Get the initial password

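# Query the logs by service name so this works whether the container is named bloodhoundce_bloodhound_1 or bloodhoundce-bloodhound-1
sudo docker-compose -f /opt/bloodhoundce/docker-compose.yml logs bloodhound 2>&1 | grep "Initial Password Set To:"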

Download SharpHound and AzureHound to your Downloads directory

http://localhost:8080/ui/download-collectors

Unzip collectors

sudo unzip ~/Downloads/azurehound*.zip -d /opt/bloodhoundce/azurehound
sudo unzip ~/Downloads/sharphound*.zip -d /opt/bloodhoundce/sharphound

Collect data

sudo /opt/bloodhoundce/azurehound/azurehound-linux-amd64/azurehound -u 'First.Last@example.com' -p 'password123' list --tenant '<tenant_id>' -o output.json

Ingest data. Settings -> Administration -> Upload Files

http://localhost:8080/ui/administration/file-ingest

BloodHound Legacy Installation

sudo apt install -y bloodhound
sudo apt install -y neo4j
sudo neo4j console
sudo bloodhound
# Login with: neo4j:neo4j or neo4j:bloodhoundcommunityedition

BloodHound Python Ingestor

sudo apt install -y pipx
python -m venv /home/kali/.venv
source /home/kali/.venv/bin/activate
pip install bloodhound
mkdir bloodhound && cd bloodhound
# Run without sudo: sudo resets PATH, so the venv's bloodhound-python would not be found
bloodhound-python -d <domain> -u <user> -p <password> -ns <dc_ip> -c all
bloodhound-python -d <domain> -u <user> -p <password> -ns <dc_ip> -c dconly
bloodhound-python -d <domain> -u <user> -p <password> -ns <dc_ip> -c dconly -dc <dc_full_hostname> -gc <dc_full_hostname> -disable-autogc --zip -v

 

Resources

https://github.com/CompassSecurity/bloodhoundce-resources/blob/main/custom_queries/BloodHound_CE_Custom_Queries.md