BloodHound
Typically Best to Grab Latest Version of Sharphound/BloodHound from GitHub
Resetting Neo4j Password
Starting Neo4j for BloodHound
In order to use BloodHound, we need to start the Neo4j service, which is installed by default. Note that when Bloodhound is installed with APT, the Neo4j service is automatically installed as well.
Neo4j is essentially an open source graph database (NoSQL) that creates nodes, edges, and properties instead of simple rows and columns. This facilitates the visual respresentation of our collected data.
After starting Neo4j we can navigate to the interface (by default http://localhost:7474) then we authenticate using the default credentials (username: neo4j - password: neo4j)
After authenticating, we will be prompted to set up a password change
The password that is set here will also be used to authenticate to the database.
Start BloodHound and Import Data
With Neo4j now running, we can start bloodhound from the terminal:
Sign in using the password set in Neoj4
Since we have not imported any data yet, there will be no visual respresentation of the domain at this point. In order to import the data, we must first transfer the zip file from our target machine to our attacker machine, the use the Upload Data function on the right side of the GUI to upload the zip file, or drag-and-drop it into BloodHound's main window.
Analyzing Data In BloodHound
Once the upload is finished, we can being analyzing the data. To get an initial idea about how much data the database contains, we can click the Hamburger menu at the top left. This represents the Database Info:
Going to the Analysis button on the right, we can see various pre-built analysis options:
Last updated