Alternatives and similar repositories for BloodHound-Tools

Users that are interested in BloodHound-Tools are comparing it to the libraries listed below

• BloodHoundAD / SharpHound2

  View on GitHub
  The Old BloodHound C# Ingestor (Deprecated)
  ☆512Jun 22, 2022Updated 3 years ago
• SpecterOps / BloodHound-Legacy

  View on GitHub
  Six Degrees of Domain Admin
  ☆10,537Aug 1, 2025Updated 6 months ago
• Kevin-Robertson / InveighZero

  View on GitHub
  .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
  ☆811Aug 28, 2022Updated 3 years ago
• dirkjanm / BloodHound.py

  View on GitHub
  A Python based ingestor for BloodHound
  ☆2,335Oct 24, 2025Updated 3 months ago
• BloodHoundAD / SharpHound3

  View on GitHub
  C# Data Collector for the BloodHound Project, Version 3
  ☆550Jun 22, 2022Updated 3 years ago
• hausec / Bloodhound-Custom-Queries

  View on GitHub
  Custom Query list for the Bloodhound GUI based off my cheatsheet
  ☆836Oct 29, 2025Updated 3 months ago
• BloodHoundAD / Legacy-AzureHound.ps1

  View on GitHub
  ☆149Jul 22, 2021Updated 4 years ago
• chryzsh / awesome-bloodhound

  View on GitHub
  A curated list of awesome BloodhoundAD resources
  ☆238Oct 13, 2022Updated 3 years ago
• leechristensen / SpoolSample

  View on GitHub
  PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as w…
  ☆1,086May 29, 2024Updated last year
• dirkjanm / adconnectdump

  View on GitHub
  Dump Azure AD Connect credentials for Azure AD and Active Directory
  ☆779Aug 26, 2025Updated 5 months ago
• seajaysec / cypheroth

  View on GitHub
  Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
  ☆255Jul 29, 2021Updated 4 years ago
• Coalfire-Research / Vampire

  View on GitHub
  Vampire is an aggressor script which integrates with BloodHound to mark nodes as owned.
  ☆79Apr 6, 2021Updated 4 years ago
• davidprowe / BadBlood

  View on GitHub
  BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of…
  ☆2,220Jun 7, 2023Updated 2 years ago
• hausec / ADAPE-Script

  View on GitHub
  Active Directory Assessment and Privilege Escalation Script
  ☆1,130Dec 7, 2022Updated 3 years ago
• gdedrouas / Exchange-AD-Privesc

  View on GitHub
  Exchange privilege escalations to Active Directory
  ☆804Apr 23, 2023Updated 2 years ago
• idnahacks / GoodHound

  View on GitHub
  Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
  ☆482Jul 9, 2024Updated last year
• sense-of-security / ADRecon

  View on GitHub
  ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the…
  ☆1,885Jun 15, 2020Updated 5 years ago
• vysecurity / ANGRYPUPPY

  View on GitHub
  Bloodhound Attack Path Automation in CobaltStrike
  ☆325Apr 26, 2020Updated 5 years ago
• dirkjanm / ROADtools

  View on GitHub
  A collection of Azure AD/Entra tools for offensive and defensive security purposes
  ☆2,515Feb 5, 2026Updated last week
• mandiant / ADFSpoof

  View on GitHub
  ☆410Updated this week
• GhostPack / SharpDPAPI

  View on GitHub
  SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.
  ☆1,390Jun 27, 2024Updated last year
• dirkjanm / krbrelayx

  View on GitHub
  Kerberos relaying and unconstrained delegation abuse toolkit
  ☆1,526Jan 27, 2025Updated last year
• GhostPack / SharpRoast

  View on GitHub
  DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.
  ☆253Sep 25, 2018Updated 7 years ago
• zeronetworks / BloodHound-Tools

  View on GitHub
  Collection of tools that reflect the network dimension into Bloodhound's data
  ☆447Oct 19, 2022Updated 3 years ago
• NetSPI / PowerUpSQL

  View on GitHub
  PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
  ☆2,683Dec 12, 2024Updated last year
• G0ldenGunSec / PowerPriv

  View on GitHub
  A Powershell implementation of PrivExchange designed to run under the current user's context
  ☆125Jan 31, 2019Updated 7 years ago
• fox-it / aclpwn.py

  View on GitHub
  Active Directory ACL exploitation with BloodHound
  ☆757Nov 18, 2021Updated 4 years ago
• fox-it / Invoke-ACLPwn

  View on GitHub
  ☆526Sep 15, 2022Updated 3 years ago
• GoFetchAD / GoFetch

  View on GitHub
  GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
  ☆634Jun 20, 2017Updated 8 years ago
• PlumHound / PlumHound

  View on GitHub
  Bloodhound Reporting for Blue and Purple Teams
  ☆1,274Nov 15, 2025Updated 3 months ago
• GhostPack / Rubeus

  View on GitHub
  Trying to tame the three-headed dog.
  ☆4,869Nov 14, 2025Updated 3 months ago
• anthemtotheego / SharpCradle

  View on GitHub
  ☆281Dec 30, 2020Updated 5 years ago
• b4rtik / ATPMiniDump

  View on GitHub
  Evading WinDefender ATP credential-theft
  ☆256Dec 2, 2019Updated 6 years ago
• sixdub / DomainTrustExplorer

  View on GitHub
  Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.
  ☆121Aug 18, 2020Updated 5 years ago
• porterhau5 / BloodHound-Owned

  View on GitHub
  A collection of files for adding and leveraging custom properties in BloodHound.
  ☆186Nov 28, 2019Updated 6 years ago
• jaredhaight / WindowsAttackAndDefenseLab

  View on GitHub
  ☆167Feb 13, 2020Updated 6 years ago
• outflanknl / Spray-AD

  View on GitHub
  A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
  ☆441Apr 1, 2022Updated 3 years ago
• gentilkiwi / kekeo

  View on GitHub
  A little toolbox to play with Microsoft Kerberos in C
  ☆1,505Dec 14, 2021Updated 4 years ago
• outflanknl / Invoke-ADLabDeployer

  View on GitHub
  Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.
  ☆492Feb 16, 2019Updated 6 years ago