Attackers think in graphs, defenders think in actions, management think in charts.
GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths.
For a very quick start with most of the default options, make sure you have your neo4j server running and loaded with SharpHound data and run:
pip install goodhound
goodhound -p "neo4jpassword"
This will process the data in neo4j and output 3 csv reports in the current working directory.
All documentation can be found in the wiki
- The py2neo project which makes this possible.
- The PlumHound project which gave me the idea of creating something similar which suited my needs.
- The aclpwn for the idea around exploit cost.
- The Bloodhound Gang Slack channel for Cypher help.
- The BloodHound project for changing the world and for continuing their support for the Open-Source community even when having a commercial offering.