Integrating with BloodHound for Reporting

Pass BloodHound data to Ghostwriter for inclusion in your reports

BloodHound Community Edition (BHCE) is a part of many assessments, but using the data in reports can be difficult. The BHCE data is readily available as JSON, but the JSON files are typically large for most Active Directory (AD) environments outside of a lab environment. Also, the data’s full value comes from your analysis, so feeding the raw JSON to Ghostwriter isn’t the way to go. No one wants to copy and paste the contents of a dozen JSON files into fields anyway.

We can leverage BHCE and Ghostwriter’s robust APIs to perform analysis, automatically pass the JSON to Ghostwriter, and store it in a JSON field. This example is covered more in-depth in this article:

A proof-of-concept script is available here:

PreviousRecording Cloud Server Deployments NextHealth Monitoring

Last updated 2 months ago