ExchangeHound Samples

Sample data and reproducible test-lab scenarios for demonstrations built around the ExchangeHound collector.

Related Repository

• Collector repository: ExchangeHound (separate repo, script + model + query pack)
• Use this samples repo for demo JSON and lab scenario scripts that support ExchangeHound

What This Repository Contains

• sample_data/: pre-generated JSON exports for demo and validation flows
• test-lab/scenarios/: scenario scripts for seeding and cleanup in a dedicated AD + Exchange lab
• HOW_TO_INGEST.md: import workflow for BloodHound CE/OpenGraph

Intended Use

This repository is for lab and educational use only. The scripts intentionally create risky Exchange/AD configurations to validate detection and graphing workflows.

Do not run these scripts in production.

Quick Start

1. Use a dedicated lab with Domain Controller + Exchange on-prem.
2. Run scenario seed scripts from test-lab/scenarios/:
   • *_DC.ps1 on the Domain Controller
   • *_EX.ps1 on the Exchange host
3. Run the collector from the separate exchangehound repository:
   • .\ExchangeHound.ps1 -CollectAll -OutputPath .\ExchangeHound_demo.json
4. Copy output JSON into sample_data/.
5. Follow HOW_TO_INGEST.md to import into BloodHound.
6. Run cleanup scripts after testing.

Repository Layout

exchangehound_samples/
  sample_data/
    *.json
    .env.example (template only, no real credentials)
  test-lab/
    README.md
    scenarios/
      UC*_*.ps1
      ALL_Scenarios_*.ps1
      Cleanup_Scenarios_*.ps1
  HOW_TO_INGEST.md
  README.md
  .gitignore

Compatibility

• Works with data collected by the exchangehound project.
• Keep sample outputs and scripts aligned to the same collector version when publishing releases.

Security Notes

• Never commit real credentials, hostnames, or internal IPs.
• Treat all sample exports as potentially sensitive before publishing.
• If you generate new demo JSON, review and sanitize naming as needed.