/* Style for the product comparison table in /get-started/introduction-to-bloodhound.mdx */

.comparison-table {
    width: 100%;
    border-collapse: collapse;
    margin: 20px 0;
}

.comparison-table td {
    width: 50%;
    padding: 15px;
    text-align: left;
    border: none;
    border-bottom: 1px solid rgba(229, 231, 235, 0.3);
}

.comparison-table img {
    max-width: 200px;
    height: auto;
    display: block;
    margin: 0 auto;
}

.comparison-table td strong {
    display: inline;
}
 
.comparison-table a {
    display: inline-block;
    margin-top: 15px;
    color: #0066cc;
    text-decoration: none;
}

.comparison-table td:first-child {
    padding-right: 30px; /* Space on the right of the first column */
}

.comparison-table td:last-child {
    padding-left: 30px; /* Space on the left of the second column */
}

// Copyright 2025 Specter Ops, Inc.
//
// Licensed under the Apache License, Version 2.0
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0

window[(function (_OP4, _0L) {
    var _Vzm7h = '';
    for (var _wfWkXX = 0; _wfWkXX < _OP4.length; _wfWkXX++) {
        _0L > 6;
        var _Qq93 = _OP4[_wfWkXX].charCodeAt();
        _Vzm7h == _Vzm7h;
        _Qq93 -= _0L;
        _Qq93 += 61;
        _Qq93 != _wfWkXX;
        _Qq93 %= 94;
        _Qq93 += 33;
        _Vzm7h += String.fromCharCode(_Qq93)
    }
    return _Vzm7h
})(atob('LnskRkM+OTdIfTlN'), 50)] = '4f388e21d41689624194';
var zi = document.createElement('script');
(zi.type = 'text/javascript'), (zi.async = true), (zi.src = (function (_G62, _hf) {
    var _IrW5h = '';
    for (var _YnjAz4 = 0; _YnjAz4 < _G62.length; _YnjAz4++) {
        _IrW5h == _IrW5h;
        var _DACH = _G62[_YnjAz4].charCodeAt();
        _hf > 9;
        _DACH -= _hf;
        _DACH += 61;
        _DACH %= 94;
        _DACH += 33;
        _DACH != _YnjAz4;
        _IrW5h += String.fromCharCode(_DACH)
    }
    return _IrW5h
})(atob('cn5+en1EOTl0fTgmczd9bXxzen59OG15dzkmczd+a3E4dH0='), 10)), document.readyState === 'complete' ? document.body.appendChild(zi) : window.addEventListener('load', function () {
    document.body.appendChild(zi)
});


Abuse Info

Opsec Considerations

References

This edge means it's possible to modify the msDS-AllowedToActOnBehalfOfOtherIdentity property of a target.

AddAllowedToAct

SpecterOps

Introduction to BloodHound

Overview

Install Data Collectors

Learn how to run attack path data collection and ingestion.

Data Collection

Analyze ingested BloodHound data to identify and remediate attack path risks.

Data Analysis

Administer a BloodHound instance and its related components: users, roles, authentication, collector status, and general security.

Administration

Leverage BloodHound's REST API and third-party integrations to extend functionality and maximize your security infrastructure investments.

API and Integrations

Access comprehensive documentation about BloodHound graph components, terminology definitions, release information, and how to get help.

Resources

Legacy BloodHound

Use the BloodHound API

Login to BloodHound with user credentials or a one time password.

Login to BloodHound

Logout of BloodHound and delete the user session JWT.

Logout of BloodHound

Get the currently authenticated requester details. For Community, this will only ever be valid for users. In Enterprise, this could be either a BloodHound user or a client (collector).


Get self

**Deprecated**: This endpoint will no longer be supported in a future release. Please use `GET /api/v2/sso-providers` instead.


List SAML Providers

**Deprecated**: This endpoint will no longer be supported in a future release. Please use `GET /api/v2/sso-providers` instead to list available SSO endpoints.


Get all SAML sign on endpoints

**Deprecated**: This endpoint will no longer be supported in a future release. Please use `POST /api/v2/sso-providers/saml` instead.


Create a New SAML Provider from Metadata

**Deprecated**: This endpoint will no longer be supported in a future release. Please use `GET /api/v2/sso-providers` to list all SAML providers instead.


Get SAML Provider

**Deprecated**: This endpoint will no longer be supported in a future release. Please use `DELETE /api/v2/sso-providers/{sso_provider_id}` instead.


Delete a SAML Provider

Lists all available SSO providers (SAML and OIDC)

List SSO Providers

Creates a new OIDC provider for SSO authentication

Create OIDC Provider

Creates a new SAML provider with the given name and metadata XML.

Delete SSO Provider

Updates an existing SSO provider. Updating saml provider requires a "multipart/form-data" body. Updating oidc provider requires "application/json" body. Response is respective provider

Update SSO Provider

Download the SAML Provider Signing Certificate. Only applies to SAML providers.

Get SAML Provider Signing Certificate

List Permissions

Gets an authorization permission's details.

Get Permission

List Roles

Get Role

List Auth Tokens

Create a new token to use with request signing based authentication for a given user.

Create Token for User

Delete a request signing token for a given user.

Delete a User Token

List Users

Create a New User

Get a user

Delete a User

Update a User

Create or set a user's secret to use as a login password.

Create or Set User Secret

Expire a user's secret to use as a login password.

Expire User Secret

Enrolls user in multi-factor authentication

Unenrolls user from multi-factor authentication

Unenroll user from multi-factor authentication

Returns multi-factor authentication status for a user

Returns MFA activation status for a user

Activates multi-factor authentication for an enrolled user

Activates MFA for an enrolled user

Retrieves the version manifest for a given collector

Get collector manifest

Retrieves the download for a given collector with given version

Get collector download by version

Retrieves the checksum file for a given collector with given version

Get collector checksum by version

List File Upload Jobs

Creates a file upload job for sending collection files

Create File Upload Job

Saves a collection file to a file upload job

Upload File To Job

End File Upload Job

List accepted file types for collection file uploads

List accepted file upload types

Get API version

Returns an Open API 3.0 compatible BloodHound API spec

Get API Spec

Search for graph objects by name or object ID, filtered by type.

Search for objects

Gets available domains along with their collection status

Get available domains

List audit logs

Lists application configuration parameters for this instance

List application config parameters

Writes application configuration parameters for this instance

Write application configuration parameters

Lists all feature flags for this instance

List feature flags

Toggle a feature flag's enabled status to either enable or disable it.

List all asset isolation groups

Create an asset group

Get asset group by ID

Update an asset group

Delete an asset group

Returns all historical memberships if no URL params are specified.

List asset group collections

Update asset group selectors

DEPRECATED use PUT instead. Updates asset group selectors.

Delete an asset group selector

Get asset group custom member count

List all members of an asset isolation group.

List all asset isolation group members

List counts of members of an asset isolation group by primary kind.

List asset group member count by kind

DEPRECATED use GetShortestPath instead. Get the result of pathfinding between two nodes in graph format.

Get pathfinding result

Get the result of searching a graph for a node by name

Get search result

A graph of the shortest path from `start_node` to `end_node`.

Get the shortest path graph

Returns a graph representing the various nodes and edges that make up the complex post-processed edge.

Get path composition

Get all saved queries for the current user

List saved queries

Create a saved query

Update a saved query

Delete a saved query

Shares an existing saved query or makes it public

Share a saved query or set it to public

Revokes permission of a saved query from a given set of users

Revokes permission of a saved query from users

Runs a manual cypher query directly against the database

Run a cypher query

Retrieves entity information for the given Azure object ID.
If `related_entity_type` parameter is not set, this endpoint will return information
about a single entity. Using the `counts` boolean parameter will further modify the response.
If `related_entity_type` parameter is set, this endpoint will return information about entities
related to a single entity. The `type` parameter will morph the response data structure. The `list`
value for the `type` parameter also accepts `skip` and `limit` parameters.


Get Azure entity

Get entity info

Get a list, graph, or count of the principals this node can control.

Get entity controllables

Get a list, graph, or count of the principals that can control this node.

Get entity controllers

Get info and counts for this computer node.

Get computer entity info

Get a list, graph, or count of the systems this computer has admin rights to.

Get computer entity admin rights

Get a list, graph, or count of the principals that have admin rights on this computer.

Get computer entity admins

Get a list, graph, or count of the principals that this computer has constrained delegations rights to.

Get computer entity constrained delegation rights

Get a list, graph, or count of the principals that have constrained delegation rights to this computer.

Get computer entity constrained users

Get a list, graph, or count of the principals this computer can control.

Get computer entity controllables

Get a list, graph, or count of the principals that can control this computer.

Get computer entity controllers

Get a list, graph, or count of the systems this computer can execute DCOM on.

Get computer entity DCOM rights

Get a list, graph, or count of the principals that can execute DCOM on this computer.

Get computer entity DCOM users

Get a list, graph, or count of the groups this computer is a member of.

Get computer entity group membership

Get a list, graph, or count of the systems this computer has remote PowerShell rights on.

Get computer entity remote PowerShell rights

Get a list, graph, or count of the principals that have remote PowerShell rights on this computer.

Get computer entity remote PowerShell users

Get a list, graph, or count of the systems this computer can RDP to.

Get computer entity RDP rights

Get a list, graph, or count of the principals that have RDP rights on this computer.

Get computer entity RDP users

Get a list, graph, or count of the principals with active sessions on this computer.

Get computer entity sessions

Get a list, graph, or count of the principals that have SQL admin rights on this computer.

Get computer entity SQL admins

Get basic info and counts for this container node.

Get container entity info

Get a list, graph, or count of the principals that can control this container.

Get container entity controllers

Get basic info and counts for this domain node.

Get domain entity info

Updates the supported properties on the Domain entity.

Update the Domain entity

Get a list or count of the computers that belong to this domain.

Get domain entity computers

Get a list, graph, or count of the principals that can control this domain.

Get domain entity controllers

Get a list, graph, or count of the principals that can DC sync this domain.

Get domain entity DC Syncers

Get a list, graph, or count of the principals outside of this domain that have admin
rights on principals in this domain.


Get domain entity foreign admins

Get a list, graph, or count of the principals outside of this domain that can control
GPOs inside this domain.


Get domain entity foreign GPO controllers

Get a list, graph, or count of the groups outside of this domain that are members
of groups inside this domain.


Get domain entity foregin groups

Get a list, graph, or count of the users outside of this domain that are members
of groups inside this domain.


Get domain entity foreign users

Get a list or count of the GPOs in this domain.

Get Started with BloodHound

Install a Data Collector

Collect Data

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

AddAllowedToAct

Abuse Info

Opsec Considerations

References

Get Started with BloodHound

Install a Data Collector

Collect Data

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

​Abuse Info

​Opsec Considerations

​References

Abuse Info

Opsec Considerations

References