top of page

BloodHound 5.0: A Major Leap in Mapping Attack Paths for Microsoft AD and Azure Environments

SpecterOps, a leading provider of adversary-focused cybersecurity solutions, has announced the release of BloodHound version 5.0, a powerful and free open-source penetration testing solution that maps attack paths for Microsoft Active Directory (AD) and Azure environments, including Azure AD/Entra ID. With this update, BloodHound is being renamed as BloodHound Community Edition (CE). The latest version introduces significant improvements, making it more user-friendly for open-source users to deploy, manage, and utilize the tool, while also incorporating powerful new functionalities.

Notably, some popular features from BloodHound CE are now being integrated into BloodHound Enterprise, SpecterOps' defensive solution tailored for enterprise security and identity teams.

The updates to BloodHound CE bring enterprise-grade usability features such as containerized deployment, REST APIs, user management, and access control. The performance has been enhanced, and development has been streamlined, allowing for faster development and the incorporation of community contributions. Moreover, BloodHound Enterprise users now have the ability to run custom Cypher queries, enabling them to explore and gather additional information from their directory service infrastructure.

“Our commitment to the BloodHound community and the goals of the project remain the same as always: helping penetration testers and defenders uncover the hidden, unintentional, and exploitable relationships in Active Directory,” said Andy Robbins, co-creator of BloodHound. “This update allows us to strengthen both products by applying two years’ worth of knowledge gained from building BloodHound Enterprise to BloodHound CE, and by bringing some in-demand features from CE into Enterprise at the same time. BloodHound CE is the same BloodHound that long time open-source users know and love, now with enterprise-grade deployment, usability, and UI.”

The new features in BloodHound CE include support for REST APIs, containerized deployment for faster and more flexible deployment, enterprise-grade user management with role-based access control and support for two-factor authentication and SAML, protected Cypher searches with built-in guardrails, reliability and performance upgrades, more frequent updates and community contributions, and improved community support.

Additionally, popular features from BloodHound CE have been incorporated into BloodHound Enterprise, including custom Cypher queries and improved offline data collection capabilities.

BloodHound Legacy will refer to all previous versions before v5.0 and will remain available going forward.

BloodHound, created in 2016 by Rohan Vazarkar, Will Schroeder, and Andy Robbins, has gained significant recognition and adoption, being downloaded nearly 500,000 times with over 12,000 users in the BloodHound Community Slack. The tool has received endorsements from prominent entities like the US Cybersecurity, Infrastructure Security Agency (CISA), and Microsoft for securing Microsoft Active Directory and Azure AD.

The release of BloodHound Community Edition is set for August 8th, offering early access to users. ###


bottom of page