Tool Documentation:

How to install and run Bloodhound

Update your package list and install BloodHound from the official Kali repository::

┌──(kali㉿kali)-[~]
└─$ sudo apt update && sudo apt install -y bloodhound

After installation, run BloodHound’s configuration script:

┌──(kali㉿kali)-[~]
└─$ sudo bloodhound-setup

This will initialize the necessary services and configurations.

  1. Open a browser and navigate to http://localhost:7474.
  2. Login using the default credentials:

Bloodhound’s default credentials:

  username: neo4j
  password: neo4j

You will be prompted to set a new password. Choose a secure one and remember it.

Now that you’ve updated the Neo4j password, update the BloodHound API config file to reflect the change (replace the password "secret": "neo4j").

┌──(kali㉿kali)-[~]
└─$ sudo vim /etc/bhapi/bhapi.json

You can finally run bloodhound with the default credentials. You will be asked to set a new secure password.

┌──(kali㉿kali)-[~]
└─$ sudo bloodhound

username: admin
password: admin


Packages and Binaries:

bloodhound

This package contains BloodHound Community Edition, a single page Javascript web application.

BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory environment.

Installed size: 662.91 MB
How to install: sudo apt install bloodhound

Dependencies:
  • curl
  • neo4j
  • postgresql
bloodhound
root@kali:~# bloodhound -h

 It seems it's the first time you run bloodhound

 Please run bloodhound-setup first
bloodhound-setup
root@kali:~# bloodhound-setup -h

 [*] Starting PostgreSQL service

 [*] Creating Database
User _bloodhound already exists in PostgreSQL
Database bloodhound already exists in PostgreSQL
ALTER ROLE

 [*] Starting neo4j
Neo4j is not running.
Directories in use:
home:         /usr/share/neo4j
config:       /usr/share/neo4j/conf
logs:         /etc/neo4j/logs
plugins:      /usr/share/neo4j/plugins
import:       /usr/share/neo4j/import
data:         /etc/neo4j/data
certificates: /usr/share/neo4j/certificates
licenses:     /usr/share/neo4j/licenses
run:          /var/lib/neo4j/run
Starting Neo4j.
Started neo4j (pid:45476). It is available at http://localhost:7474
There may be a short delay until the server is ready.

 [i] You need to change the default password for neo4j
     Default credentials are user:neo4j password:neo4j

 [!] IMPORTANT: Once you have setup the new password, please update /etc/bhapi/bhapi.json with the new password before running bloodhound
............

Updated on: 2025-May-30