Open-source penetration testing tool BloodHound CE released

2023-08-02 03:30

SpecterOps released version 5.0 of BloodHound Community Edition, a free and open-source penetration testing solution that maps attack paths in Microsoft Active Directory and Azure environments.

"The way that BloodHound Community Edition maps out Attack Paths in AD and Azure is unique - there isn't another tool that can find hidden and unintentional relationships to identify complex Attack Paths that attackers can exploit. After this update, the tool will offer a user experience closer to an enterprise-grade product than an open-source tool," Andy Robbins, co-creator of BloodHound and a Principal Product Architect at SpecterOps, told Help Net Security.

Support for REST APIs - BloodHound CE is a three-tier application with a database, an API layer, and a web-based user interface.

Enterprise-grade user management - This update adds built-in full multi-user support with RBAC, the ability to create and assign user roles, and support for two-factor authentication and SAML to BloodHound CE. Protected Cypher searches - Cypher queries will include available guardrails to automatically cancel queries that will cause performance or security issues.

More frequent updates and community contributions - These changes will allow SpecterOps to increase the rate of updates and new features added to BloodHound CE going forward and will increase the number of pull requests from the community that can be implemented.

Better community support - More similarities between BloodHound CE and BloodHound Enterprise under the hood means users will have better access to support and documentation for both.

News URL

https://www.helpnetsecurity.com/2023/08/02/bloodhound-ce-open-source-penetration-testing-tool/

#opensource #penetrationtesting