PowerShell client for BloodHound Community Edition and BloodHound Enterprise
Learn more:
- Release blog post: BloodHound Operator — Dog Whispering Reloaded
- Presentation at PowerShell Conference Europe: The Dog Ate My Homework - A new chapter in my BloodHound adventures with PowerShell
Create an API token ID/Key pair from the BloodHound browser UI - in Working with the BloodHound API follow either section:
- Create a non-personal API key/ID pair
- Create a personal API Key/ID pair
Copy the generated TokenID to your clipbard, then load to variable
# Get id from clipboard
$BHTokenID = Get-ClipboardCopy the generated TokenKey to your clipbard, then load to variable as SecureString
# Get key from Clipboard
$BHTokenKey = Get-Clipboard | Convertto-SecureString -AsPlainText -ForceCreate BHSession (BHCE)
# Create Session - BHCE, defaults to 127.0.0.1
New-BHSession -TokenID $BHTokenID -Token $BHTokenKey-or-
Create BHSession (BHE)
# Create Session - BHE
New-BHSession -Server test.bloodhoundenterprise.io -TokenID $BHETokenID -Token $BHETokenKeyCheck Session Object
# Check Session
BHSession | ftList BloodHoundOperator Cmdlets, or check OperatorCheat.md
# Cmdlet Cheat
BHHelp
# Online
BHHelp -OnlineCheck current user (Whoami)
# Whoami
BHRole -Whoami
BHOperator -WhoamiRun Cypher query
# List Kerberoastable users
BHCypher -Query 'MATCH (n:User) WHERE n.hasspn=true RETURN n'