exploide/bhcli

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/exploide/bhcli)

exploide / bhcli

CLI tool to interact with the BloodHound CE API

☆69

Alternatives and similar repositories for bhcli

Users that are interested in bhcli are comparing it to the libraries listed below

Sorting:

coffeegist / bofhound
View on GitHub
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
☆371Jan 29, 2026Updated last month
zblurx / dploot
View on GitHub
DPAPI looting remotely and locally in Python
☆542Updated this week
nyxgeek / bad_guest
View on GitHub
☆15Jun 27, 2024Updated last year
logangoins / SOAPy
View on GitHub
SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
☆166Jan 23, 2026Updated last month
zimedev / certipy-merged
View on GitHub
Tool for Active Directory Certificate Services enumeration and abuse
☆166Apr 17, 2025Updated 11 months ago
fortalice / bofhound
View on GitHub
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
☆390Feb 23, 2024Updated 2 years ago
n00py / GetFGPP
View on GitHub
Get Fine Grained Password Policy
☆78Updated this week
MythicAgents / forge
View on GitHub
Command Augmentation support for BOFs and .NET assemblies across agents
☆42Mar 12, 2026Updated last week
kozmer / rspy
View on GitHub
rust port of pspy with support for process monitoring over dbus
☆36Jan 4, 2026Updated 2 months ago
slemire / bof-adopt
View on GitHub
BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
☆17Jul 22, 2022Updated 3 years ago
kozmer / aad-bofs
View on GitHub
☆139Nov 17, 2025Updated 4 months ago
Hackcraft-Labs / SharpShares
View on GitHub
Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
☆34Nov 13, 2023Updated 2 years ago
voidvxvi / EnableAllTokenPrivs
View on GitHub
Enable or Disable TokenPrivilege(s)
☆15May 17, 2024Updated last year
cogiceo / GPOHound
View on GitHub
Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data
☆360Jan 8, 2026Updated 2 months ago
Patrick-DE / C2-logparser
View on GitHub
Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports.
☆24Jan 15, 2026Updated 2 months ago
ShutdownRepo / pywhisker
View on GitHub
Python version of the C# tool for "Shadow Credentials" attacks
☆864Feb 14, 2026Updated last month
dirkjanm / DeviceToken
View on GitHub
Request device ticket/token using the device's MSA
☆38Aug 25, 2025Updated 6 months ago
Malcrove / SeamlessPass
View on GitHub
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
☆238Aug 25, 2024Updated last year
SpecterOps / MSSQLHound
View on GitHub
PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph
☆293Updated this week
G0ldenGunSec / GetWebDAVStatus
View on GitHub
Determine if the WebClient Service (WebDAV) is running on a remote system
☆143Mar 9, 2024Updated 2 years ago
SpecterOps / BloodHoundQueryLibrary
View on GitHub
A community-driven collection of BloodHound queries
☆173Feb 17, 2026Updated last month
jfjallid / go-lsass
View on GitHub
Tool to aid in dumping LSASS process remotely
☆42Sep 23, 2025Updated 5 months ago
grayhatkiller / wambam-bof
View on GitHub
☆48Dec 5, 2025Updated 3 months ago
AlmondOffSec / PassTheCert
View on GitHub
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
☆733Sep 3, 2025Updated 6 months ago
SpecterOps / cred1py
View on GitHub
A Python POC for CRED1 over SOCKS5
☆165Oct 5, 2024Updated last year
xforcered / RemoteMonologue
View on GitHub
Weaponizing DCOM for NTLM Authentication Coercions
☆274Jul 1, 2025Updated 8 months ago
synacktiv / AADOutsider-py
View on GitHub
Python3 rewrite of AsOutsider features of AADInternals
☆59Jul 23, 2025Updated 7 months ago
g0h4n / RustHound-CE
View on GitHub
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
☆470Jan 15, 2026Updated 2 months ago
voidvxvi / HellBunny
View on GitHub
Shellcode loader written in C and Assembly utilizing direct or indirect syscalls to evade UM EDR hooks
☆139Dec 22, 2024Updated last year
zyn3rgy / smbtakeover
View on GitHub
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
☆346Nov 19, 2024Updated last year
sadreck / Codecepticon
View on GitHub
.NET/PowerShell/VBA Offensive Security Obfuscator
☆196May 4, 2024Updated last year
CrowdStrike / sccmhound
View on GitHub
A BloodHound collector for Microsoft Configuration Manager
☆393Jul 7, 2025Updated 8 months ago
fortalice / pyldapsearch
View on GitHub
Tool for issuing manual LDAP queries which offers bofhound compatible output
☆57Jun 2, 2024Updated last year
synacktiv / EIPP
View on GitHub
Entra ID Password Protection Banned Password Lists
☆18Apr 16, 2024Updated last year
franc-pentest / ldeep
View on GitHub
In-depth ldap enumeration utility
☆566Mar 4, 2026Updated 2 weeks ago
synacktiv / GPOddity
View on GitHub
The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
☆361Dec 13, 2025Updated 3 months ago
MaLDAPtive / Invoke-Maldaptive
View on GitHub
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
☆337Aug 7, 2024Updated last year
jborean93 / AmsiProvider
View on GitHub
Test AMSI Provider implementation in C#
☆42Dec 18, 2024Updated last year
Hackndo / pyGPOAbuse
View on GitHub
Partial python implementation of SharpGPOAbuse
☆531Mar 7, 2026Updated last week