Skip to main content
BloodHound Community Edition (BHCE) is a part of many assessments, but using the data in reports can be difficult. The BHCE data is readily available as JSON, but the JSON files are typically large for most Active Directory (AD) environments outside of a lab environment. Also, the data’s full value comes from your analysis, so feeding the raw JSON to Ghostwriter isn’t the way to go. No one wants to copy and paste the contents of a dozen JSON files into fields anyway. We can leverage BHCE and Ghostwriter’s robust APIs to perform analysis, automatically pass the JSON to Ghostwriter, and store it in a JSON field. This example is covered more in-depth in this article:

Ghostwriter v4.3: SSO, JSON Fields, and Reporting with BloodHound

Logo Posts By SpecterOps Team Members
A proof-of-concept script is available here:

GitHub - GhostManager/bloodhound-integration-poc

Logo A proof-of-concept script for automating the extraction of data from a BloodHound Community Edition server and sending it to Ghostwriter for use in reports