BloodHound is used to find relationships within an Active Directory (AD) domain to discover attack paths.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices, Users, Groups
Parameters
-
Host Name or IP Address (required) - The hostname or IP address of the BloodHound server.
-
Username and Password (optional) - The credentials for a user account that has the permissions to fetch assets.
Note:When Token Key and Token ID are not supplied, User Name and Password are required.
-
Token Key and Token ID (optional) - The API Tokens associated with a user account that has permissions to fetch assets. For information on how to create a Token Key/ID pair, see Working with the BloodHound API.
Note:When User Name and Password are not supplied, Token Key and Token ID are required.
-
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
-
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
-
HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
-
HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Advanced settings can either apply to all connections for this adapter, or to a specific connection. Refer to Advanced Configuration for Adapters.
- Fetch Tier Zero Devices (Asset Groups Collections) - Select this option to fetch Tier Zero devices.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
APIs
Axonius uses the BloodHound API (v2).
Supported From Version
Supported from Axonius version 4.6