Collecting Bloodhound Information:

​

*  Assumes neo4j and Bloodhound are installed already

​

Using Cobalt Strike Beacon:

• ​Move to a file location with write access:

  • cd\users\{user}\downloads​   # User Context

  • cd\temp    *System Context

• Import Bloodhound into Beacon:

  • powershell-import /path/to/SharpHound.ps1

• Initiate Bloodhound Collection & Export

  • Manual Download:  powershell -Exec Bypass Get-SharpHoundData | Export-BloodHoundCSV ​

  • Pass Direct to neo4j:  

​​

Run Bloodhound from Non-Domain Joined PC:

• Open Cmd Prompt as Domain User:

  • ​runas /netonly /noprofile /user:domain\user cmd.exe  
          <--- Prompts for pswd

  • SharpHound.exe --DomainController 192.168.1.1 --Domain acme.com -c All ​

​

Placeholder - more to come!:

 

​