Installing and Using BloodHound
BloodHound is a powerful tool for analyzing Active Directory environments. This guide will walk you through the installation process on both macOS and Linux systems.
Installation on macOS
curl -L -o bloodhound-cli-darwin-arm64.tar.gz https://github.com/SpecterOps/bloodhound-cli/releases/latest/download/bloodhound-cli-darwin-arm64.tar.gz
tar -xvzf bloodhound-cli-darwin-arm64.tar.gz
./bloodhound-cli install
Installation on Linux
wget https://github.com/SpecterOps/bloodhound-cli/releases/latest/download/bloodhound-cli-linux-amd64.tar.gz
tar -xvzf bloodhound-cli-linux-amd64.tar.gz
./bloodhound-cli install
If Docker is not installed yet, install it and add your user to the docker group before running BloodHound. Membership in the docker group is equivalent to root access on the host, so add only accounts you would trust with sudo.
sudo apt update
sudo apt install docker.io docker-compose
sudo usermod -aG docker $USER
newgrp docker
Accessing BloodHound
After installation, you can access BloodHound at:
http://127.0.0.1:8080/ui/login
Use the following credentials:
- Username: admin
- Password: (Use the randomly generated password from installation)
Managing BloodHound
Restarting BloodHound
docker compose up -d
Resetting Password
./bloodhound-cli resetpwd
Database Migration Steps
# 1. Start only the database container
# (-d runs it in the background so the next steps can use the same terminal)
docker compose up -d app-db
# 2. Change password encryption
docker compose exec app-db sh -c "psql -c \"SET password_encryption = 'scram-sha-256'; ALTER ROLE CURRENT_USER PASSWORD '\${BH_POSTGRES_PASSWORD:-bloodhoundcommunityedition}';\""
# 3. Export data
docker compose exec app-db pg_dumpall > dump.sql
# 4. Stop and remove container
# (-s stops the running container first; rm -f alone only removes stopped containers)
docker compose rm -sf app-db
# 5. Remove database volume
docker volume rm docker-compose_postgres-data
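Step 5 is destructive, so it is worth confirming between steps 3 and 4 that dump.sql is a complete export. The following is an added example, not part of the original guide or of the BloodHound project: verify_dump is a hypothetical helper, and the sample files are constructed to stand in for real exports.

```shell
#!/bin/sh
# Added example: gate the destructive "docker volume rm" step on a complete export.

# verify_dump FILE: succeed only if FILE looks like a finished pg_dumpall export.
verify_dump() {
    dump=$1
    # An empty file is what a failed "exec ... > dump.sql" leaves behind.
    [ -s "$dump" ] || { echo "FAIL: $dump is missing or empty" >&2; return 1; }
    # pg_dumpall writes this banner at the top of its output ...
    head -n 5 "$dump" | tr -d '\r' | grep -qx -- '-- PostgreSQL database cluster dump' \
        || { echo "FAIL: $dump has no pg_dumpall header" >&2; return 1; }
    # ... and this one only after the last database has been written.
    tail -n 5 "$dump" | tr -d '\r' | grep -qx -- '-- PostgreSQL database cluster dump complete' \
        || { echo "FAIL: $dump is truncated" >&2; return 1; }
    # The dump holds role password hashes and all collected data: owner-only access.
    chmod 600 "$dump"
}

# Constructed sample files standing in for real exports (role name is made up).
demo_dir=$(mktemp -d)
printf '%s\n' '--' '-- PostgreSQL database cluster dump' '--' '' \
    'CREATE ROLE bloodhound;' '' \
    '--' '-- PostgreSQL database cluster dump complete' '--' '' > "$demo_dir/good.sql"
printf '%s\n' '--' '-- PostgreSQL database cluster dump' '--' '' \
    'CREATE ROLE bloodhound;' > "$demo_dir/truncated.sql"
: > "$demo_dir/empty.sql"

for f in good truncated empty; do
    if verify_dump "$demo_dir/$f.sql" 2>/dev/null; then
        echo "$f.sql: complete, safe to continue with step 4"
    else
        echo "$f.sql: keep the volume and re-run the export"
    fi
done
```

Against a real export, call verify_dump dump.sql and run steps 4 and 5 only if it succeeds.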
Importing Data
To import data into BloodHound, follow these steps:
Step 1: Download and Run Windows Executable
Download the Windows executable and run it from a PowerShell session started with the execution policy bypassed:
powershell -ep bypass
Step 2: Extract the ZIP File
Once the process completes and generates a ZIP file, extract it using AirSend.
Step 3: Import Data into BloodHound
Download the extracted data to your machine, unzip it, and import it into BloodHound.
Step 4: View Results
Once imported, you can view the results in BloodHound.