Understand the privilege relationships in an Active Directory environment

A new version of BloodHound (1.3.0) is now available on GitHub. BloodHound is a single-page JavaScript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a PowerShell ingestor.

BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.

Installation procedure

First of all, you will have to install Oracle JDK 8 and then the Neo4j Community Edition.

  • Download Oracle JDK 8
  • If you have another Java installed on your system, you can configure it to use the Oracle JDK 8 as an alternative
  • Repeat the step above for javac
  • You can find a release of BloodHound already compiled here
  • Clone the Git repository to get the BloodHound graph.db folder

  • Copy the BloodHound graph.db folder to the Neo4j databases folder:

  • Now, you can start Neo4j:

  • Start BloodHound: ./BloodHound
  • Authenticate to the provided sample graph database at http://localhost:7474. The username is “neo4j”, and the password is “BloodHound”.

After that, you can begin with data collection: here

