BloodHound icon indicating copy to clipboard operation
BloodHound copied to clipboard

Published 20 hours ago verified publisher icon BloodHoundAD

[Feature Request]: Importing owned users

Open 0xB455 opened this issue 5 years ago • 5 comments

Hey,

during engagements I found tagging objects as "owned" or as "high value" quite usefull. However doing this purely manually via right clicks in the GUI seems quite the hazzle and I was thinking about better approaches for this. First thing that came to my mind was importing a list of elements via an update query for neo4j but maybe it would be even better to implement a feature for batch updating directly into the BloodHound GUI.

Any thoughts on that?

Cheers..

0xB455 avatar Mar 15 '19 12:03 0xB455

Right now, our internal solution for this is a simple python script to bulk import it. Batch importing owned users would require some sort of coherent file format for that, which I'll have to give some thought too

rvazarkar avatar Apr 16 '19 16:04 rvazarkar

I'm sure you can do that via cypherDog and neo4j. I've added several fields, one that add top 5 vulnerabilities to a list of computers from e.g. nessus data, text file/csv file.

markajbell avatar Jul 31 '19 22:07 markajbell

You can try this node script that imports owned users from a file in mass. Also example cypher query to find paths from owned users to privileged groups. https://gist.github.com/rboddy/259cfebe8212bc99a2eba7f7441caf62

rboddy avatar Jun 19 '20 19:06 rboddy

Still a very relevant feature to add, any update on this?

aress31 avatar Aug 21 '21 13:08 aress31

There's a nice python script which does it: https://github.com/xalicex/import-owned-users-bloodhound

ruppde avatar Jul 14 '23 13:07 ruppde