SpecterOps/BloodHound
Fork: 122 Star: 1201 (updated 2024-12-17 11:36:23)
license: Apache-2.0
Language: Go
Six Degrees of Domain Admin
Latest release: v6.3.0 (2024-12-12 01:18:46)
BloodHound is a monolithic web application composed of an embedded React frontend with Sigma.js and a Go-based REST API backend. It is deployed with a PostgreSQL application database and a Neo4j graph database, and is fed by the SharpHound and AzureHound data collectors.
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. Attackers can use BloodHound to quickly identify highly complex attack paths that would otherwise be impossible to find. Defenders can use BloodHound to identify and eliminate those same attack paths. Both red and blue teams can use BloodHound to better understand privileged relationships in an Active Directory or Azure environment.
BloodHound CE is created and maintained by the BloodHound Enterprise Team. The original BloodHound was created by @_wald0, @CptJesus, and @harmj0y.
Running BloodHound Community Edition
Docker Compose is the easiest way to get up and running with BloodHound CE. Instructions below describe how to install and upgrade your deployment.
System Requirements
BloodHound CE deploys in a traditional multi-tier container architecture consisting of databases, application, and UI layers.
Minimum specifications:
- 4GB of RAM
- 4 processor cores
- 10GB hard disk space
For large environments (>50,000 users):
- 96GB of RAM
- 12 processor cores
- 50GB hard disk space
Deploy BloodHound CE
Deploy BloodHound CE quickly with the following steps:
- Install Docker Desktop. Docker Desktop includes Docker Compose as part of the installation.
- Download the Docker Compose YAML file and save it to a directory where you'd like to run BloodHound. You can do this from a terminal application with: curl -L https://ghst.ly/getbhce (on Windows, execute the command in CMD, or use curl.exe instead of curl in PowerShell).
- Navigate to the folder with the saved docker-compose.yml file and run: docker compose pull && docker compose up
- Locate the randomly generated password in the terminal output of Docker Compose.
- In a browser, navigate to http://localhost:8080/ui/login and log in with a username of admin and the randomly generated password from the logs.
NOTE: The default docker-compose.yml example binds only to localhost (127.0.0.1). If you want to access BloodHound outside of localhost, you'll need to follow the instructions in examples/docker-compose/README.md to configure the host binding for the container.
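The following is an added example, not code from the BloodHound project: a stdlib-only Python check that lists the published ports in a Compose file that bind beyond loopback, which is worth running after changing the host binding described in the note above. The sample file and the EXAMPLE_HOST / EXAMPLE_PORT variable names are constructed for illustration, and only short-syntax port entries are handled.

```python
import ipaddress
import re
# Constructed sample, not the project's file; EXAMPLE_* names are hypothetical.
SAMPLE = """\
services:
  graph-db:
    ports:
      - "127.0.0.1:7474:7474"
      - 7687:7687
  bloodhound:
    ports:
      - ${EXAMPLE_HOST:-127.0.0.1}:${EXAMPLE_PORT:-8080}:8080
"""

def interpolate(value, env):
    """Resolve ${VAR} and ${VAR:-default} (default used when unset or empty)."""
    return re.sub(r"\$\{(\w+)(?::-([^}]*))?\}",
                  lambda m: env.get(m.group(1)) or m.group(2) or "", value)

def port_entries(text):
    """Return (line_no, mapping) for list items under any 'ports:' key."""
    entries, in_ports = [], False
    for no, line in enumerate(text.splitlines(), 1):
        item = line.strip()
        if item == "ports:":
            in_ports = True
        elif in_ports and item.startswith("- "):
            entries.append((no, item[2:].strip().strip("'\"")))
        elif item and not item.startswith("#"):   # any other key ends the list
            in_ports = False
    return entries

def bind_host(mapping):
    """Host IP of a short-syntax mapping; Docker uses 0.0.0.0 when none is given."""
    if mapping.startswith("["):                   # bracketed IPv6, e.g. [::1]:8080:8080
        return mapping[1:].partition("]")[0]
    return mapping.split(":")[0] if mapping.count(":") == 2 else "0.0.0.0"

def exposed(host):
    """True unless host is a loopback IP literal (non-IP values are flagged too)."""
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        return True

def audit(text, env=None):
    """Return (line_no, resolved mapping, host) for ports bound beyond loopback."""
    rows = [(no, interpolate(raw, env or {})) for no, raw in port_entries(text)]
    return [(no, m, bind_host(m)) for no, m in rows if exposed(bind_host(m))]
```

Call audit() with the text of your docker-compose.yml and a dict of the environment variables Compose will see; an empty result means every published port stays on loopback.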
Upgrade BloodHound CE
Once installed, upgrade BloodHound CE to the latest version with the following steps:
- Navigate to the folder with the saved docker-compose.yml file and run: docker compose pull && docker compose up
- In a browser, navigate to http://localhost:8080/ui/login and log in with your previously configured username and password.
Importing sample data
The BloodHound team has provided some sample data for testing BloodHound without performing a SharpHound or AzureHound collection. That data may be found here.
Installation Error Handling
- If you encounter a "failed to get console mode for stdin: The handle is invalid." error, ensure Docker Desktop (and the associated Engine) is running. Docker Desktop does not automatically register as a startup entry.
- If you encounter an "Error response from daemon: Ports are not available: exposing port TCP 127.0.0.1:7474 -> 0.0.0.0:0: listen tcp 127.0.0.1:7474: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted." error, this is normally attributed to the "Neo4J Graph Database - neo4j" service already running on your local system. Please stop or delete the service to continue.
# Verify if Docker Engine is Running
docker info
# Attempt to stop Neo4j Service if running (on Windows)
Stop-Service "Neo4j" -ErrorAction SilentlyContinue
- A successful installation of BloodHound CE would look like the below:
https://github.com/SpecterOps/BloodHound/assets/12970156/ea9dc042-1866-4ccb-9839-933140cc38b9
Useful Links
- BloodHound Slack
- Wiki
- Contributors
- Docker Compose Example
- BloodHound Docs
- Developer Quick Start Guide
- Contributing Guide
Contact
Please check out the Contact page in our wiki for details on how to reach out with questions and suggestions.
Licensing
Copyright 2023 Specter Ops, Inc.
Licensed under the Apache License, Version 2.0
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Unless otherwise annotated by a lower-level LICENSE file or license header, all files in this repository are released
under the Apache-2.0
license. A full copy of the license may be found in the top-level LICENSE file.
Recent releases (data updated 2024-12-17 11:36:07):
2024-12-12 01:18:46 v6.3.0
2024-12-11 05:31:29 v6.3.0-rc4
2024-12-11 04:37:24 v6.3.0-rc3
2024-12-06 06:35:42 v6.3.0-rc2
2024-12-05 01:00:46 v6.3.0-rc1
2024-12-04 00:58:42 v6.2.3
2024-12-03 06:00:51 v6.2.3-rc2
2024-12-03 06:00:28 v6.2.3-rc1
2024-11-21 01:52:15 v6.2.2
2024-11-20 02:01:17 v6.2.2-rc2