SpecterOps/BloodHoundQueryLibrary external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SpecterOps/BloodHoundQueryLibrary

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SpecterOps/BloodHoundQueryLibrary)

Close

SpecterOps / BloodHoundQueryLibraryView on GitHubMore

• External links
• Readme badge

A community-driven collection of BloodHound queries

☆193Jun 4, 2026Updated this week

Alternatives and similar repositories for BloodHoundQueryLibrary

Users that are interested in BloodHoundQueryLibrary are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• CompassSecurity / bloodhoundce-resources

  View on GitHub
  ☆108Feb 24, 2026Updated 3 months ago
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆71Jun 29, 2025Updated 11 months ago
• SpecterOps / bloodhound-cli

  View on GitHub
  ☆112Apr 23, 2026Updated last month
• coffeegist / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆395Apr 26, 2026Updated last month
• exploide / bhcli

  View on GitHub
  CLI tool to interact with the BloodHound CE API
  ☆74May 24, 2026Updated 2 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• g0h4n / RustHound-CE

  View on GitHub
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆512Jan 15, 2026Updated 4 months ago
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Jul 1, 2025Updated 11 months ago
• decoder-it / printerbugnew

  View on GitHub
  The DCERPC only printerbug.py version
  ☆219Oct 30, 2025Updated 7 months ago
• safedv / RustSoliloquy

  View on GitHub
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Apr 26, 2025Updated last year
• MythicAgents / forge

  View on GitHub
  Command Augmentation support for BOFs and .NET assemblies across agents
  ☆46May 6, 2026Updated last month
• werdhaihai / msi_lateral_mv

  View on GitHub
  Lateral Movement Bof with MSI ODBC Driver Install
  ☆149Sep 30, 2025Updated 8 months ago
• ZephrFish / pyLDAPGui

  View on GitHub
  Python based GUI for browsing LDAP
  ☆181Dec 7, 2025Updated 6 months ago
• cybrly / badsuccessor

  View on GitHub
  ☆121May 29, 2025Updated last year
• 0xthirteen / WMI_Proc_Dump

  View on GitHub
  Dump processes over WMI with MSFT_MTProcess
  ☆85Feb 13, 2026Updated 3 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• cogiceo / GPOHound

  View on GitHub
  Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data
  ☆376May 18, 2026Updated 3 weeks ago
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆557May 9, 2025Updated last year
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆151Feb 10, 2025Updated last year
• gsmith257-cyber / better-sliver

  View on GitHub
  Adversary Emulation Framework
  ☆130Jul 1, 2025Updated 11 months ago
• t94j0 / adexplorersnapshot-rs

  View on GitHub
  ☆96Apr 27, 2026Updated last month
• zimedev / certipy-merged

  View on GitHub
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆167Apr 17, 2025Updated last year
• grayhatkiller / SharpExShell

  View on GitHub
  SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
  ☆75May 1, 2024Updated 2 years ago
• synacktiv / Prox-Ez

  View on GitHub
  ☆109Feb 11, 2026Updated 3 months ago
• MythicAgents / bloodhound

  View on GitHub
  Bloodhound agent for Mythic
  ☆24Apr 19, 2025Updated last year
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆164May 5, 2025Updated last year
• MorDavid / vCenterHound

  View on GitHub
  Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges
  ☆183Aug 13, 2025Updated 9 months ago
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆390Oct 14, 2025Updated 7 months ago
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆883Feb 3, 2024Updated 2 years ago
• BlackSnufkin / DeadManSwitch

  View on GitHub
  DeadManSwitch in rust with several triggers (remote local and network)
  ☆19Nov 19, 2025Updated 6 months ago
• ttpreport / ligolo-mp

  View on GitHub
  Multiplayer pivoting solution
  ☆516Apr 29, 2026Updated last month
• SpecterOps / MSSQLHound

  View on GitHub
  Go (formerly PowerShell) collector for adding MSSQL attack paths to BloodHound with OpenGraph
  ☆331May 7, 2026Updated last month
• xforcered / SoaPy

  View on GitHub
  SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆264Feb 21, 2025Updated last year
• synacktiv / GPOddity

  View on GitHub
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆366Dec 13, 2025Updated 5 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• tehstoni / RustyDumper

  View on GitHub
  Process dumper wrote in rust.
  ☆14Sep 16, 2024Updated last year
• 1r0BIT / TaskHound

  View on GitHub
  Tool to enumerate privileged Scheduled Tasks on Remote Systems
  ☆301Mar 29, 2026Updated 2 months ago
• trustedsec / DitExplorer

  View on GitHub
  Tool for viewing NTDS.dit
  ☆203Mar 14, 2025Updated last year
• nettitude / SharpConflux

  View on GitHub
  ☆65Mar 15, 2024Updated 2 years ago
• vari-sh / RedTeamGrimoire

  View on GitHub
  🔥📜 Forbidden collection of Red Team sorcery 📜🔥
  ☆390Mar 23, 2026Updated 2 months ago
• fortalice / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆406Feb 23, 2024Updated 2 years ago
• temp43487580 / EntraPassTheCert

  View on GitHub
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆135Aug 23, 2025Updated 9 months ago