SpecterOps/BloodHoundQueryLibrary external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SpecterOps/BloodHoundQueryLibrary

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SpecterOps/BloodHoundQueryLibrary)

Close

SpecterOps / BloodHoundQueryLibraryView on GitHubMore

• External links
• Readme badge

A community-driven collection of BloodHound queries

☆181Apr 15, 2026Updated 2 weeks ago

Alternatives and similar repositories for BloodHoundQueryLibrary

Users that are interested in BloodHoundQueryLibrary are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• CompassSecurity / bloodhoundce-resources

  View on GitHub
  ☆106Feb 24, 2026Updated 2 months ago
• Teach2Breach / pool_party_rs

  View on GitHub
  remote process injections using pool party techniques
  ☆71Jun 29, 2025Updated 10 months ago
• SpecterOps / bloodhound-cli

  View on GitHub
  ☆110Updated this week
• exploide / bhcli

  View on GitHub
  CLI tool to interact with the BloodHound CE API
  ☆71Mar 6, 2026Updated last month
• coffeegist / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆382Updated this week
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• g0h4n / RustHound-CE

  View on GitHub
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆492Jan 15, 2026Updated 3 months ago
• decoder-it / printerbugnew

  View on GitHub
  The DCERPC only printerbug.py version
  ☆217Oct 30, 2025Updated 5 months ago
• xforcered / RemoteMonologue

  View on GitHub
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆275Jul 1, 2025Updated 9 months ago
• safedv / RustSoliloquy

  View on GitHub
  A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …
  ☆191Apr 26, 2025Updated last year
• MythicAgents / forge

  View on GitHub
  Command Augmentation support for BOFs and .NET assemblies across agents
  ☆42Mar 17, 2026Updated last month
• werdhaihai / msi_lateral_mv

  View on GitHub
  Lateral Movement Bof with MSI ODBC Driver Install
  ☆149Sep 30, 2025Updated 6 months ago
• ZephrFish / pyLDAPGui

  View on GitHub
  Python based GUI for browsing LDAP
  ☆181Dec 7, 2025Updated 4 months ago
• cybrly / badsuccessor

  View on GitHub
  ☆120May 29, 2025Updated 11 months ago
• cogiceo / GPOHound

  View on GitHub
  Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data
  ☆364Apr 8, 2026Updated 3 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• 0xthirteen / WMI_Proc_Dump

  View on GitHub
  Dump processes over WMI with MSFT_MTProcess
  ☆85Feb 13, 2026Updated 2 months ago
• xRedCodex / BofArsenal

  View on GitHub
  The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
  ☆23Jun 19, 2025Updated 10 months ago
• ricardojoserf / TrickDump

  View on GitHub
  Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
  ☆551May 9, 2025Updated 11 months ago
• logangoins / Stifle

  View on GitHub
  .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
  ☆150Feb 10, 2025Updated last year
• gsmith257-cyber / better-sliver

  View on GitHub
  Adversary Emulation Framework
  ☆130Jul 1, 2025Updated 9 months ago
• t94j0 / adexplorersnapshot-rs

  View on GitHub
  ☆96Dec 9, 2025Updated 4 months ago
• grayhatkiller / SharpExShell

  View on GitHub
  SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.
  ☆75May 1, 2024Updated last year
• zimedev / certipy-merged

  View on GitHub
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆166Apr 17, 2025Updated last year
• synacktiv / Prox-Ez

  View on GitHub
  ☆108Feb 11, 2026Updated 2 months ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• MythicAgents / bloodhound

  View on GitHub
  Bloodhound agent for Mythic
  ☆23Apr 19, 2025Updated last year
• Thunter-HackTeam / EvilentCoerce

  View on GitHub
  ☆164May 5, 2025Updated 11 months ago
• MorDavid / vCenterHound

  View on GitHub
  Collect infrastructure and permissions data from vCenter and export it as a BloodHound‑compatible graph using Custom Nodes/Edges
  ☆175Aug 13, 2025Updated 8 months ago
• ttpreport / ligolo-mp

  View on GitHub
  Multiplayer pivoting solution
  ☆504Mar 7, 2026Updated last month
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆872Feb 3, 2024Updated 2 years ago
• SpecterOps / MSSQLHound

  View on GitHub
  Go (formerly PowerShell) collector for adding MSSQL attack paths to BloodHound with OpenGraph
  ☆315Updated this week
• scrt / PowerChell

  View on GitHub
  A PowerShell console in C/C++ with all the security features disabled
  ☆384Oct 14, 2025Updated 6 months ago
• BlackSnufkin / DeadManSwitch

  View on GitHub
  DeadManSwitch in rust with several triggers (remote local and network)
  ☆17Nov 19, 2025Updated 5 months ago
• xforcered / SoaPy

  View on GitHub
  SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆263Feb 21, 2025Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• tehstoni / RustyDumper

  View on GitHub
  Process dumper wrote in rust.
  ☆14Sep 16, 2024Updated last year
• 1r0BIT / TaskHound

  View on GitHub
  Tool to enumerate privileged Scheduled Tasks on Remote Systems
  ☆294Mar 29, 2026Updated last month
• trustedsec / DitExplorer

  View on GitHub
  Tool for viewing NTDS.dit
  ☆199Mar 14, 2025Updated last year
• nettitude / SharpConflux

  View on GitHub
  ☆65Mar 15, 2024Updated 2 years ago
• vari-sh / RedTeamGrimoire

  View on GitHub
  🔥📜 Forbidden collection of Red Team sorcery 📜🔥
  ☆370Mar 23, 2026Updated last month
• fortalice / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆396Feb 23, 2024Updated 2 years ago
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆38Jan 20, 2025Updated last year