Axonius Documentation
Start typing to search…

BloodHound

BloodHound is used to find relationships within an Active Directory (AD) domain to discover attack paths.

Asset Types Fetched

  • Devices, Users, Groups

Before You Begin

Ports

  • TCP port 80/443

Authentication Method

  • User Name/Password for Cloud
  • Token Key/Token ID for on-prem

APIs

Axonius uses the BloodHound API (v2).

Permissions

Consult with your vendor for the exact permissions to fetch the objects.

Supported From Version

Supported from Axonius version 4.6

Connecting the Adapter in Axonius

To connect the adapter in Axonius, provide the following parameters:

Required Parameters

  1. Host Name or IP Address - The hostname or IP address of the BloodHound server.
  2. Username and Password - The credentials for a user account that has permissions to fetch assets.
📘

Note

When Token Key and Token ID are not supplied, User Name and Password are required.

  1. Token Key and Token ID - The API Tokens associated with a user account that has permissions to fetch assets. For information on how to create a Token Key/ID pair, see Working with the BloodHound API.
📘

Note

When User Name and Password are not supplied, Token Key and Token ID are required.

Bloodhound

Optional Parameters

  1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to Advanced Configuration for Adapters.

  1. Fetch Tier Zero Devices (Asset Groups Collections) - Select this option to fetch Tier Zero devices.
  2. Fetch Computers Admin Users - Select this option to fetch computer admin users.
  3. Fetch Computers RDP Users - Select this option to fetch computer RDP users.
📘

Note

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Updated 1 day ago