BloodHound Community Edition
The Originator of Identity Attack Path Discovery
Since its inception, BloodHound has been the trusted choice for security professionals who need to understand, discover, and visualize Identity Attack Paths. Built by practitioners for practitioners, BloodHound reveals the complex web of relationships and configurations that attackers exploit — providing unmatched depth and accuracy in attack path discovery.
Trusted by the global security community:
- Used by top Red Teams worldwide
- 20,000+ monthly downloads
- Recommended by CISA and MITRE for Attack Path discovery (See CISA Advisory)
See the Unseen
BloodHound applies graph theory to expose hidden — and often unintended — identity relationships across your environment. Instead of relying on time-consuming manual analysis, practitioners use BloodHound to instantly identify the fastest and quietest path from standard user to domain admin.
With BloodHound, you can:
Reveal complex attack paths to critical assets
Enumerate privileged relationships and identity topology
Identify abusable conditions in Active Directory, Azure AD, and beyond
Build your expertise with training and shared community knowledge
Fast. Reliable. Flexible.
BloodHound uncovers and analyzes attack paths in minutes — not weeks.
Key capabilities:
Multiple flexible deployment options
Deep detection of abusable configurations across ADCS, NTLM, and Azure PIM Roles
Native support on Kali Linux
Graph expansion powered by the BloodHound OpenGraph Project
Community-Driven, Community-Focused
BloodHound thrives because of its community. Together, they share knowledge, drive innovation, and shape the future of identity security.
Community highlights:
Active collaboration in the BloodHound Gang Slack
Research-driven open-source tools from the SpecterOps team
Meetups at Black Hat, DEF CON, and global security events
USER TESTIMONIALS
From the community
Finding hybrid users not having privileged roles in Entra but owning groups with privileged roles in it, this way finding a user which can reset passwords and mfa of privileged accounts, pwn the tenant.
I found a domain user had generic write access to the enterprise admins group via its ACL. Without BloodHound, I would not have spotted this.
I remember seeing 68 Users in the domain admins group where like over 10 where kerberoastable with easy passwords. Literally half the company was DA.
Introducing BloodHound OpenGraph: Attack Path Visibility Enhanced
Attack paths don’t stop at Active Directory.
They traverse the entire technology stack — from applications to cloud services. BloodHound OpenGraph takes Identity Attack Path Management to the next level by mapping cross-silo relationships and exposing how attackers truly move across systems.
Developed alongside the SpecterOps Research Team and the BloodHound Community, OpenGraph surfaces new threat models unique to modern environments, enabling defenders to understand and mitigate lateral movement like never before.
Take It Further with BloodHound Enterprise
You already trust BloodHound to find abusable identity relationships. BloodHound Enterprise turns that insight into an ongoing Identity Attack Path Management program — helping security and identity teams continuously identify, prioritize, and safely remediate attack paths.
Explore BloodHound EnterpriseCommunity Edition vs. Enterprise
|
|
Community Edition |
Enterprise |
|
Audience |
Pen testers, researchers |
Security, identity, and risk teams |
|
Value Delivered |
Tactical insight into identity attack paths |
Continuous reduction of identity-based attack surface |
|
Business Impact |
Informs assessments and engagements |
Improves posture, reduces breach likelihood, supports compliance |
|
Deployment |
Manual setup and data collection |
Automated, enterprise-scale deployment |
|
Scale & Performance |
Best for time-bound engagements |
Designed for complex, global environments |
|
Remediation Guidance |
Community knowledge, manual fixes |
Safe, prioritized, and tested actions aligned to business risk |
|
Support |
Community-driven |
Dedicated TAM, enterprise support, roadmap assurance |
Expand Your Research
Extend your reach and impact with additional open-source tools developed by the SpecterOps team.