Skip to content
English
NopSec.com
  • There are no suggestions because the search field is empty.

How do I integrate Bloodhound

This article describes how to export data from the Bloodhound Active Directory anlaysis tool and import the information into the Nopsec platform for Attack Path Analysis.

Step 1: Run a Query

First, run the query that generates the findings you want to export. You can use a built-in query from the Analysis tab or a custom Cypher query.

  1. Click the Analysis tab on the left-hand side of the main interface.
  2. Select a pre-built query. For this example, we will use the popular "Find all Domain Admins" query.
  3. After running the query, the results will be displayed in the main window.

Step 2: Select the Data to Export

Once the query results are on screen, you need to select the specific data points (nodes) you wish to export.

  1. In the results table below the graph visualization, you can select one or more rows.
  2. To select a single finding, simply click on it.

To select all findings from the query, click on the first row, hold the Shift key, and then click on the last row. This will highlight all the results.

Step 3: Export the Query Results

With the desired data selected, you can now export it.

  1. Right-click on any of the highlighted rows in the results table.
  2. From the context menu, choose "Export".
  3. From the sub-menu, select "Export selected to CSV" to save the data in a universally compatible spreadsheet format.

Step 4: Save the CSV File

Your operating system's file save dialog will appear.

  1. Choose a location to save the file.
  2. Enter a descriptive file name for your export (e.g., Domain_Admins_Export.csv).
  3. Click "Save".

You have now successfully exported your findings from BloodHound. The resulting CSV file will contain the properties of the nodes you selected (e.g., usernames, computer names, etc.), which can be used for remediation tracking, reporting, or further analysis in the Nopsec Platform.

Step 5. Upload the Report to the Nopsec Platform

  • Navigate to the “Integrations” page of the Nopsec Platform then click on the IAM Tab. Next, click on the “Add Integrations” button next to Bloodhound Upload

  • Provide a name for the integration in the Connection Name box then click Save and Connect to enable the integration.  NOTE: Naming convention does not support dashes.

  • Click the Upload a Data File button and select the CSV file generated using the steps above.