Introducing BloodHound Scentry: Accelerate your APM practice. Learn More
Back to Resource Center
Open-source Tools

Proxywatch

ProxyWatch is a Windows userland network inspection tool that labels processes by role (tunnels, proxies, beacons) using TCP/UDP state and process context which does not require kernel drivers, ETW, or packet capture.

ProxyWatch is built to be tuned for your environment. The ProxyWatch (Agent) is a service that runs on remote endpoints and streams the results into a central ProxyWatch UI.

View on GitHub
Proxywatch

Explore other tools

BloodHound Community Edition

Manage Identity Attack Paths across your hybrid environment and remove the adversary’s favorite target.

BloodHound Community Edition

Read more

Nemesis

Nemesis functions as an "offensive VirusTotal," automatically processing files collected during security assessments through an extensive pipeline of specialized analyzers.

Nemesis

Read more

Ghostwriter

Ghostwriter is a Django web app for red teams to track projects, clients, assets, reports, and evidence.

Ghostwriter

Read more

Mythic

Mythic is an open-source Command and Control (C2) framework designed around a microservice architecture.

Mythic

Read more

Join the conversation

Learn from others and share your story on the BloodHoundGang Slack Community

More info

You might also be interested in

Cover image from the BloodHound Scentry Datasheet
Datasheets

Introducing BloodHound Scentry

Accelerate your APM practice with expert guidance and extended team capacity

Read more

Datasheets

Introducing BloodHound Enterprise On-Premises

Identity compromises are an existential threat to all organizations, regardless of industry or vertical with over 97% of breaches leveraging an identity attack path.

Read more

Case Studies

Regional Hospital System Fills Gap in Identity Risk Reduction

A U.S. Healthcare Organization Eliminated Hidden Privilege Escalation Chains with BloodHound Enterprise

Read more