Every year I usually flag some tools that I want to try when I get back home from hacker summer camp. Things end up getting hectic, life and work take over, and a year later, my reminders’ auto-delete rules remove all traces of what was once recorded.
Well, not this year. I stuck to my guns and have been cycling through my list of “really cool tools to try”.
I remember catching a bit of the BloodHound talk when I was presenting Wordsmith at BSides LV, and being quite excited to try it out.
To my surprise there isn’t a good, concise guide to get BloodHound up and running on Debian. So here is what I was able to cobble together.
This should take about 15 minutes to install and configure.
First thing to do is sudo up.
Install some packages that will be necessary to grab BloodHound.
Add the neo4j sources.
Add the openjdk 8 sources.
Install openjdk 8.
This is really important: neo4j will run into a startup error unless the default Java version is set to Java 8.
Edit the neo4j configuration file to listen for bolt and http on all interfaces (change 0.0.0.0 to 127.0.0.1 if you plan on using BloodHound for testing only). Also set the default graph database to graph.db.
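A quick way to confirm which of the two bind choices above a given neo4j.conf actually ends up with, as an added example that is not part of the original post. The function name `neo4j_bind_audit` is hypothetical, the connector key names are assumed from Neo4j 3.x (`listen_address` in 3.1+, `address` in 3.0), and the sample file is constructed.

```shell
#!/bin/sh
# Added example: report where the bolt/http connectors in a neo4j.conf listen.
# Prints "<key> <host> <LOCAL|EXPOSED|INHERIT>" per setting and returns 1 if any
# connector is bound to a non-loopback address. Key names assume Neo4j 3.x.
neo4j_bind_audit() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read: $conf" >&2; return 2; }
    awk -F= '
        /^[ \t]*#/ { next }                 # commented-out settings do not apply
        {
            key = $1; val = $2
            gsub(/[ \t\r]/, "", key); gsub(/[ \t\r]/, "", val)
        }
        key ~ /^dbms\.connector\.(bolt|http)\.(listen_)?address$/ ||
        key == "dbms.connectors.default_listen_address" {
            host = val
            # strip a trailing :port from host:port or [v6]:port
            if (host ~ /^\[.*\]:[0-9]+$/ || host ~ /^[^:]*:[0-9]+$/)
                sub(/:[0-9]+$/, "", host)
            if (host == "")
                state = "INHERIT"           # port only: host comes from the default
            else if (host == "127.0.0.1" || host == "localhost" ||
                     host == "::1" || host == "[::1]")
                state = "LOCAL"
            else { state = "EXPOSED"; bad = 1 }
            print key, (host == "" ? "-" : host), state
        }
        END { exit bad + 0 }
    ' "$conf"
}

# Constructed sample (not from the page): the all-interfaces variant of the step above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dbms.active_database=graph.db
dbms.connector.bolt.listen_address=0.0.0.0:7687
dbms.connector.http.listen_address=0.0.0.0:7474
#dbms.connector.https.listen_address=:7473
EOF
neo4j_bind_audit "$sample" || echo "at least one connector is reachable from the network"
rm -f "$sample"
```

Point it at the real configuration file after editing; a non-zero return on a test-only box means the 127.0.0.1 change did not take effect.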
The next step is to clone the BloodHound git repository. This is just so we can extract the sample database. Once we place this into the appropriate location, we can delete the git repository.
Download the BloodHound binary, but don’t execute it just yet.
Before executing BloodHound, we have to set a new password for the neo4j instance.
Open a web browser and navigate to