GoodHound - Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths For Targeted Remediation

2 years ago 151

BOOK THIS SPACE FOR AD

ARTICLE AD

Attackers think in graphs, defenders think in actions, management think in charts.

GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths.

Usage

Quick Start

For a very quick start with most of the default options, make sure you have your neo4j server running and loaded with SharpHound data and run:

pip install goodhound
goodhound -p "neo4jpassword"

This will process the data in neo4j and output 3 csv reports in the current working directory.

Documentation

All documentation can be found in the wiki

Acknowledgments

The py2neo project which makes this possible. The PlumHound project which gave me the idea of creating something similar which suited my needs. The aclpwn for the idea around exploit cost. The Bloodhound Gang Slack channel for Cypher help. The BloodHound project for changing the world and for continuing their support for the Open-Source community even when having a commercial offering.

GoodHound - Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths For Targeted Remediation Reviewed by Zion3R on 5:30 PM Rating: 5