-
Notifications
You must be signed in to change notification settings - Fork 127
Home
BloodHound CE is a security tool that uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Entra ID (formerly known as Azure AD) environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory or Azure environment.
If you're visiting this wiki as a BloodHound user, we highly recommend checking out our official documentation. These pages hold a wealth of knowledge around setup, usage, and best practices for BloodHound CE and Enterprise, as most information is interchangeable between the two versions.
If the docs still didn't have an answer then feel free to reach out to us or the Community for help. You can check out the Contact page for more information.
Deploy BloodHound CE quickly with the following steps:
- Install Docker Desktop. Docker Desktop includes Docker Compose as part of the installation.
- Download the Docker Compose YAML file and save it to a directory where you'd like to run BloodHound. You can do this from a terminal application with
curl -L https://ghst.ly/getbhce.On Windows: Execute the command in CMD, or use
curl.exeinstead ofcurlin PowerShell. - Navigate to the folder with the saved
docker-compose.yamlfile and rundocker compose pull && docker compose up. - Locate the randomly generated password in the terminal output of Docker Compose.
- In a browser, navigate to
http://localhost:8080/ui/login. Login with a username ofadminand the randomly generated password from the logs.
NOTE: The default docker-compose.yml example binds only to localhost (127.0.0.1). If you want to access BloodHound outside of localhost, you'll need to follow the instructions in examples/docker-compose/README.md to configure the host binding for the container.
Details on setting up the BloodHound CE development environment and contributing code can be found on the Development page.