OpenGraph Library
1Password
1Password
1PassHound
DescriptionThe 1Password for Business OpenGraph extension lets you bring your 1Password ACL data into BloodHound’s graph‑analysis framework.Whether you’re auditing permissions, responding to incidents, or simply exploring your 1Password configuration, this extension brings clarity, control and rich visualization to your vaults and items.Authors/MaintainersRepoAnsible
Ansible
AnsibleHound
DescriptionAnsibleHound is a BloodHound OpenGraph collector for Ansible AWX and Ansible Tower. The collector is designed to map the structure and permissions of your organization into a navigable attack-path graph.Authors/MaintainersRepoGitHub
GitHub
GitHound
DescriptionGitHound is a BloodHound OpenGraph collector for GitHub, designed to map your organization’s structure and permissions into a navigable attack‑path graph.With GitHound, you get a clear, interactive graph of your GitHub permissions landscape—perfect for security reviews, compliance audits, and rapid incident investigations.Authors/MaintainersRepoGithHoundPy
DescriptionA python implementation of the GitHound collector for BloodHound OpenGraph. This project aims to stay in sync with the main PowerShell version.Credit and tons of props to the SpecterOps team for the main implementation, for a detailed breakdown on the features check the main repoAuthors/MaintainersRepoJamfHound
JamfHound
JamfHound
DescriptionJamfHound is a python3 project designed to collect and identify attack-paths in Jamf Pro tenants for privilege escalation and lateral movement based on existing object permissions. The collector saves data as JSON for ingestion into BloodHound to easily visualize and evaluate the risks of compromise within the Jamf Pro tenant.Authors/MaintainersRepoMSSQL
MSSQL
MSSQLHound
DescriptionCollects BloodHound OpenGraph compatible data from one or more MSSQL servers into individual temporary files, then zips them in the current directory.Authors/MaintainersRepoSCCM
SCCM
SCCM_SQL_Collector
DescriptionPoC script to collect SCCM attack paths from a SCCM site DB. Credits to @sanjivkawa for SQLRecon, which is where most of the scaffolding code to allow for connecting to SQL came from (thanks Sanj!)Authors/MaintainersRepoSnowflake
Snowflake
SnowHound
DescriptionThe BloodHound extension for Snowflake tenants enables organizations to visualize their Snowflake environment by mapping key elements such as Users, Databases, Roles, Warehouses, and Integrations, along with the permissions that connect them.This provides a comprehensive view of access and potential attack paths within the Snowflake tenant, empowering security teams to identify vulnerabilities and better manage their environment’s security posture.Authors/MaintainersRepovCenter
vCenter
vCenterHound
DescriptionvCenterHound connects to one or more vCenters, collects infrastructure entities (Datacenter/Cluster/Host/VM/Network/Datastore, etc.) and permissions (Roles/Users/Groups/Assignments), then builds a BloodHound‑compatible JSON graph with Custom Nodes/Edges. The model.json file provides icons and styles for these custom kinds.Authors/MaintainersRepoOpenGraph Tools
bhopengraph
Description This module provides Python classes for creating and managing graph structures that are compatible with BloodHound OpenGraph. The classes follow the BloodHound OpenGraph schema and best practices. If you don’t know about BloodHound OpenGraph yet, a great introduction can be found here: https://bloodhound.specterops.io/opengraph/best-practices The complete documentation of this library can be found here: https://bhopengraph.readthedocs.io/en/latest/ Authors/Maintainers RepoBloodHoundOperator
Description PowerShell client for BloodHound Community Edition and BloodHound Enterprise Learn more:- Release blog post: BloodHound Operator — Dog Whispering Reloaded
- Presentation at PowerShell Conference Europe: The Dog Ate My Homework - A new chapter in my BloodHound adventures with PowerShell