Bloodhound is a graphical interface that allows you to visually map out the network. This tool along with SharpHound which similar to PowerView takes the user, groups, trusts etc. of the network and collects them into .json files to be used inside of Bloodhound.
Install
apt-get install bloodhound
Usage
- Run neo4j console from the attacker machine
- Default credentials: neo4j:neo4j
- powershell -ep bypass
- . .\Downloads\Sharphound.ps1 — this Sharphound.ps1 script will need to be run from the victim machine
- run Invoke-Bloodhound -CollectionMethod All -Domain CONTROLLER.local -ZipFileName loot.zip
- From here you will need to transfer the .zip file to your attacker machine.
- This can be done using SCP if you are ssh’d in