Skip to content

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

Notifications You must be signed in to change notification settings

idnahacks/GoodHound

Repository files navigation

GoodHound

PyPI - Downloads

   ______                ____  __                      __
  / ____/___  ____  ____/ / / / /___  __  ______  ____/ /
 / / __/ __ \/ __ \/ __  / /_/ / __ \/ / / / __ \/ __  / 
/ /_/ / /_/ / /_/ / /_/ / __  / /_/ / /_/ / / / / /_/ /  
\____/\____/\____/\__,_/_/ /_/\____/\__,_/_/ /_/\__,_/   
                                                         

Attackers think in graphs, defenders think in actions, management think in charts.

GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths.

ko-fi

I'm lucky enough to do this for a living. Any donations will be passed on to my local foodbank, animal sanctuary and animal rescue centres.

Usage

Quick Start

For a very quick start with most of the default options, make sure you have your neo4j server running and loaded with SharpHound data and run:

pip install goodhound
goodhound -p "neo4jpassword"

This will process the data in neo4j and output 3 csv reports in the current working directory.

Demo

Documentation

All documentation can be found in the wiki

Acknowledgments

  • The py2neo project which makes this possible.
  • The PlumHound project which gave me the idea of creating something similar which suited my needs.
  • The aclpwn for the idea around exploit cost.
  • The Bloodhound Gang Slack channel for Cypher help.
  • The BloodHound project for changing the world and for continuing their support for the Open-Source community even when having a commercial offering.