Graph-based Active Directory security analysis for identifying attack paths and privilege escalation routes
Advanced | Interactive | Dual Perspective
BloodHound uses graph theory to reveal hidden relationships in Active Directory. It identifies attack paths that allow privilege escalation, lateral movement, and domain compromise by analyzing AD permissions, group memberships, and trust relationships.
🔴 RED TEAM: Offensive Usage
Enumerate AD to find the shortest path to Domain Admin. Identify Kerberoastable accounts, unconstrained delegation, and ACL abuse opportunities. Visualize complex privilege escalation chains invisible to manual enumeration.
🔵 BLUE TEAM: Defensive Usage
Discover misconfigurations before attackers do. Identify dangerous permissions (GenericAll, WriteDACL), overprivileged service accounts, and weak Kerberos configurations. Fix attack paths proactively.
🟣 PURPLE TEAM: Collaborative Testing
Red uses BloodHound to find attack paths while Blue validates detection for SharpHound collection and lateral movement. Jointly reduce AD attack surface by remediating identified paths.
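The remediation work described above, as an added example (not BloodHound's own code and not part of the original page): it treats a small constructed set of BloodHound-style relationships as a directed graph, lists every principal with a path to Domain Admins, and ranks which single relationship to remove first. All account, group and host names are made up, and the by_design parameter is an assumption of this example for memberships that are intended.

```python
from collections import deque

# Constructed sample data: (source, relationship, target). All names are made up.
EDGES = [
    ("HELPDESK@CORP.LOCAL", "GenericAll", "SVC_SQL@CORP.LOCAL"),
    ("JSMITH@CORP.LOCAL", "MemberOf", "HELPDESK@CORP.LOCAL"),
    ("SVC_SQL@CORP.LOCAL", "AdminTo", "SQL01.CORP.LOCAL"),
    ("SQL01.CORP.LOCAL", "HasSession", "DA_ADMIN@CORP.LOCAL"),
    ("DA_ADMIN@CORP.LOCAL", "MemberOf", "DOMAIN ADMINS@CORP.LOCAL"),
    ("BACKUP OPS@CORP.LOCAL", "WriteDacl", "DOMAIN ADMINS@CORP.LOCAL"),
    ("MJONES@CORP.LOCAL", "MemberOf", "BACKUP OPS@CORP.LOCAL"),
    ("INTERN@CORP.LOCAL", "MemberOf", "PRINTERS@CORP.LOCAL"),
]
TARGET = "DOMAIN ADMINS@CORP.LOCAL"
# Assumption: this membership is intended, so it is not offered as a fix.
BY_DESIGN = [("DA_ADMIN@CORP.LOCAL", "MemberOf", "DOMAIN ADMINS@CORP.LOCAL")]


def can_reach(edges, target):
    """Every node with a directed path to target (reverse breadth-first search)."""
    inbound = {}
    for src, _rel, dst in edges:
        inbound.setdefault(dst, set()).add(src)
    seen, queue = set(), deque([target])
    while queue:
        for src in inbound.get(queue.popleft(), ()):
            if src not in seen:
                seen.add(src)
                queue.append(src)
    seen.discard(target)  # a cycle through the target is not an exposure
    return seen


def rank_fixes(edges, target, by_design=()):
    """Score each removable edge by how many nodes lose their path to target."""
    baseline = len(can_reach(edges, target))
    scores = []
    for edge in edges:
        if edge in by_design:
            continue
        remaining = [e for e in edges if e != edge]
        scores.append((baseline - len(can_reach(remaining, target)), edge))
    return sorted(scores, key=lambda s: -s[0])  # stable: ties keep input order


if __name__ == "__main__":
    print(len(can_reach(EDGES, TARGET)), "nodes have a path to", TARGET)
    for cut, (src, rel, dst) in rank_fixes(EDGES, TARGET, BY_DESIGN):
        print(f"{cut} paths cut by removing {src} -[{rel}]-> {dst}")
```

On this sample the highest-ranked fix is the Domain Admin session on the SQL server, not either of the two ACL edges, which is the kind of choke point that is hard to see from a flat permissions list.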
Interactive Simulation
Analyze AD relationships and discover privilege escalation paths
Step 1: Run SharpHound Collection
PS C:\Tools> .\SharpHound.exe -c All --zipfilename corp_audit.zip