BloodHound: Active Directory Attack Path Analysis
Graph-based security tool that maps attack paths in Active Directory and Azure using privilege relationship analysis.
BloodHound is a web-based security analysis platform that visualizes privilege escalation paths in identity and access management systems. The application consists of a React frontend with Sigma.js for graph visualization, a Go REST API backend, and a dual database architecture using PostgreSQL for application data and Neo4j for graph storage. Data collection is performed by the companion tools SharpHound and AzureHound, which gather information about Active Directory and Azure environments. The tool applies graph theory algorithms to reveal complex privilege relationships and potential attack vectors that would be difficult to identify through manual analysis.
Graph Theory Analysis
Applies mathematical graph algorithms to identity data, revealing indirect privilege relationships and multi-hop attack paths across complex directory structures.
Dual Database Architecture
Combines PostgreSQL for application data with Neo4j graph database for relationship storage, optimizing both transactional operations and graph traversal queries.
Multi-Platform Coverage
Supports analysis across Active Directory, Azure, and other identity platforms through the OpenGraph framework, providing unified visibility into hybrid environments.
Maintenance release with PZ migration rerun.
- chore: rerun PZ migration BED-7299
Fixes custom icons display issue and increases timeout limit to 60 seconds.
- fix(OpenGraph custom icons): Custom icons not displaying properly BED-7252
- feat(UI): applied timeout limit update to 60 seconds from previous PR - BED-6985
- chore: bump DAWGS BED-7260
Apply timeout limit to search handler with timeout limit parameter.
- feat(UI): apply timeout limit to search handler with timeout limit param - BED-6985