Open-source penetration testing tool BloodHound CE released

SpecterOps released version 5.0 of BloodHound Community Edition (CE), a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory (AD) and Azure (including Azure AD/Entra ID) environments. It is available for free on GitHub.

BloodHound CE

Identifying simple Attack Paths between two objects is a straightforward “search and click” exercise

This update brings many enterprise-grade usability features to BloodHound CE, like containerized deployment, REST APIs, user management, and access control. It also significantly improves performance while streamlining development allowing for faster development and incorporation of community contributions.

“The way that BloodHound Community Edition maps out Attack Paths in AD and Azure is unique – there isn’t another tool (or feature within either of those) that can find hidden and unintentional relationships to identify complex Attack Paths that attackers can exploit. After this update, the tool will offer a user experience closer to an enterprise-grade product than an open-source tool,” Andy Robbins, co-creator of BloodHound and a Principal Product Architect at SpecterOps, told Help Net Security.

BloodHound CE

The entire UI is driven via RESTful APIs and includes a full Swagger spec within the application

New features

Support for REST APIs – BloodHound CE is a three-tier application with a database, an API layer, and a web-based user interface. Users can now use REST APIs to interact with data rather than needing to write queries directly to the database.

Containerized deployment – The tool will deploy as a containerized product. This much simpler process will reduce deployment time by 80%. This also makes it easier for users with different sized environments to manipulate the resources assigned to BloodHound.

Enterprise-grade user management – This update adds built-in full multi-user support with RBAC, the ability to create and assign user roles, and support for two-factor authentication and SAML to BloodHound CE.

Protected Cypher searches – Cypher queries will include available guardrails to automatically cancel queries that will cause performance or security issues.

Reliability and performance upgrade – Routine maintenance updates will make the tool faster, more resilient, and more reliable.

More frequent updates and community contributions – These changes will allow SpecterOps to increase the rate of updates and new features added to BloodHound CE going forward and will increase the number of pull requests from the community that can be implemented.

Better community support – More similarities between BloodHound CE and BloodHound Enterprise under the hood means users will have better access to support and documentation for both.

BloodHound was created in 2016 by Rohan Vazarkar, Will Schroeder, and Andy Robbins. It has been downloaded nearly 500,000 times and has over 12,000 users in the BloodHound Community Slack. The tool has been recommended by CISA and Microsoft to help secure Microsoft Active Directory and Azure AD.

Read more: 12 open-source penetration testing tools you might not know about

Don't miss