performing-active-directory-bloodhound-analysis

Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Performing Active Directory BloodHound Analysis

## Overview

BloodHound is an open-source Active Directory reconnaissance tool that uses graph theory to reveal hidden relationships, attack paths, and privilege escalation opportunities within AD environments. By collecting data with SharpHound (or AzureHound for Azure AD), BloodHound visualizes how an attacker can escalate from a low-privilege user to Domain Admin through chains of misconfigurations, group memberships, ACL abuses, and trust relationships. MITRE ATT&CK classifies BloodHound as software S0521.

## When to Use

- When conducting security assessments that involve Active Directory BloodHound analysis
- When following incident response procedures for related security events
- When performing scheduled security testing or auditing activities
- When validating security controls through hands-on testing

## Prerequisites

- Initial foothold on a domain-joined Windows system (or valid domain credentials)
- BloodHound CE (Community Edition) or BloodHound Legacy 4.x installed
- SharpHound collector (C# binary or PowerShell module)
- Neo4j database (Legacy) or PostgreSQL (CE)
- Network access to domain controllers (LDAP TCP/389, LDAPS TCP/636)

> **Legal Notice:** This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws.

## MITRE ATT&CK Mapping

| Technique I...

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

exploiting-active-directory-with-bloodhound

BloodHound is a graph-based Active Directory reconnaissance tool that uses graph theory to reveal hidden and unintended relationships within AD environments. Red teams use BloodHound to identify attac

12,642 Updated today
mukul975
AI & Automation Listed

exploiting-active-directory-with-bloodhound

BloodHound is a graph-based Active Directory reconnaissance tool that uses graph theory to reveal hidden and unintended relationships within AD environments. Red teams use BloodHound to identify attac

6 Updated today
26zl
AI & Automation Featured

conducting-internal-reconnaissance-with-bloodhound-ce

Conduct internal Active Directory reconnaissance using BloodHound Community Edition to map attack paths, identify privilege escalation chains, and discover misconfigurations in domain environments.

12,642 Updated today
mukul975
AI & Automation Listed

ad-attacks

Active Directory attack paths — BloodHound path analysis, Kerberos abuse (Kerberoasting/AS-REP roasting/silver/golden ticket classes), delegation flaws (unconstrained/constrained/RBCD), DCSync, ADCS ESC1-8 at pattern level, and Tier-0 hygiene as a defensive model.

4 Updated 1 week ago
roodlicht
AI & Automation Featured

performing-active-directory-penetration-test

Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.

12,642 Updated today
mukul975