{"id":27062917,"url":"https://github.com/MorDavid/BloodHound-MCP-AI","last_synced_at":"2025-04-05T16:00:30.553Z","repository":{"id":286094303,"uuid":"960315363","full_name":"MorDavid/BloodHound-MCP-AI","owner":"MorDavid","description":"BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language instead of complex Cypher queries.","archived":false,"fork":false,"pushed_at":"2025-04-04T09:48:36.000Z","size":697,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-04T10:31:08.509Z","etag":null,"topics":["ai","bloodhound","bloodhoundad","cypher-query-language","mcp","mcp-server"],"latest_commit_sha":null,"homepage":"https://www.mordavid.com","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MorDavid.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-04-04T08:14:28.000Z","updated_at":"2025-04-04T10:04:39.000Z","dependencies_parsed_at":"2025-04-04T10:41:36.197Z","dependency_job_id":null,"html_url":"https://github.com/MorDavid/BloodHound-MCP-AI","commit_stats":null,"previous_names":["mordavid/bloodhound-mcp-ai"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MorDavid%2FBloodHound-MCP-AI","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MorDavid%2FBloodHound-MCP-AI/tags","releases_url":"https://repos.ecosyste.
ms/api/v1/hosts/GitHub/repositories/MorDavid%2FBloodHound-MCP-AI/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MorDavid%2FBloodHound-MCP-AI/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MorDavid","download_url":"https://codeload.github.com/MorDavid/BloodHound-MCP-AI/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247361593,"owners_count":20926641,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","bloodhound","bloodhoundad","cypher-query-language","mcp","mcp-server"],"created_at":"2025-04-05T16:00:29.608Z","updated_at":"2025-04-05T16:00:30.526Z","avatar_url":"https://github.com/MorDavid.png","language":"Python","funding_links":[],"categories":["Security","🧰 MCP Tools","📚 Projects (1974 total)","💾 MCP Security Servers","Community Servers","MCP Servers","Content Creation","MCP Servers \u0026 Protocol","🏴 Post-Exploitation \u0026 Active Directory"],"sub_categories":["SIEM \u0026 SecOps","🔐 Security Tools","MCP Servers","Security \u0026 Reverse Engineering"],"readme":"# BloodHound-MCP\n\n![BloodHound-MCP](/images/BloodHound-MCP-Banner.png)\n\n## Model Context Protocol (MCP) Server for BloodHound\n\nBloodHound-MCP is a powerful integration that brings the capabilities of Model Context Protocol (MCP) Server to BloodHound, the industry-standard tool for Active Directory security analysis. 
This integration allows you to analyze BloodHound data using natural language, making complex Active Directory attack path analysis accessible to everyone.\n\n\u003e 🥇 **First-Ever BloodHound AI Integration!**  \n\u003e This is the first integration that connects BloodHound with AI through MCP, [originally announced here](https://www.linkedin.com/posts/mor-david-cyber_bloodhound-ai-cybersec-activity-7310921541213470721-N390).\n\n## 🔍 What is BloodHound-MCP?\n\nBloodHound-MCP combines the power of:\n- **BloodHound**: Industry-standard tool for visualizing and analyzing Active Directory attack paths\n- **Model Context Protocol (MCP)**: An open protocol for creating custom AI tools, compatible with various AI models\n- **Neo4j**: Graph database used by BloodHound to store AD relationship data\n\nWith over 75 specialized tools based on the original BloodHound CE Cypher queries, BloodHound-MCP allows security professionals to:\n- Query BloodHound data using natural language\n- Discover complex attack paths in Active Directory environments\n- Assess Active Directory security posture more efficiently\n- Generate detailed security reports for stakeholders\n\n## 📱 Community\n\nJoin our Telegram channel for updates, tips, and discussion:\n- **Telegram**: [root_sec](https://t.me/root_sec)\n\n## ✨ Features\n\n- **Natural Language Interface**: Query BloodHound data using plain English\n- **Comprehensive Analysis Categories**:\n  - Domain structure mapping\n  - Privilege escalation paths\n  - Kerberos security issues (Kerberoasting, AS-REP Roasting)\n  - Certificate services vulnerabilities\n  - Active Directory hygiene assessment\n  - NTLM relay attack vectors\n  - Delegation abuse opportunities\n  - And much more!\n\n## 📋 Prerequisites\n\n- BloodHound 4.x+ with data collected from an Active Directory environment\n- Neo4j database with BloodHound data loaded\n- Python 3.8 or higher\n- MCP Client\n\n## 🔧 Installation\n\n1. 
Clone this repository:\n   ```bash\n   git clone https://github.com/your-username/MCP-BloodHound.git\n   cd MCP-BloodHound\n   ```\n\n2. Install dependencies:\n   ```bash\n   pip install -r requirements.txt\n   ```\n\n3. Configure the MCP Server:\n   ```json\n    \"mcpServers\": {\n        \"BloodHound-MCP\": {\n            \"command\": \"python\",\n            \"args\": [\n                \"\u003cYour_Path\u003e\\\\BloodHound-MCP.py\"\n            ],\n            \"env\": {\n                \"BLOODHOUND_URI\": \"bolt://localhost:7687\",\n                \"BLOODHOUND_USERNAME\": \"neo4j\",\n                \"BLOODHOUND_PASSWORD\": \"bloodhoundcommunityedition\"\n            }\n        }\n    }\n   ```\n\n## 🚀 Usage\n\nExample queries you can ask through the MCP:\n\n- \"Show me all paths from kerberoastable users to Domain Admins\"\n- \"Find computers where Domain Users have local admin rights\"\n- \"Identify Domain Controllers vulnerable to NTLM relay attacks\"\n- \"Map all Active Directory certificate services vulnerabilities\"\n- \"Generate a comprehensive security report for my domain\"\n- \"Find inactive privileged accounts\"\n- \"Show me attack paths to high-value targets\"\n\n## 🔐 Security Considerations\n\nThis tool is designed for legitimate security assessment purposes. Always:\n- Obtain proper authorization before analyzing any Active Directory environment\n- Handle BloodHound data as sensitive information\n- Follow responsible disclosure practices for any vulnerabilities discovered\n\n## 📜 License\n\nThis project is licensed under the MIT License - see the LICENSE file for details.\n\n## 🙏 Acknowledgments\n\n- The BloodHound team for creating an amazing Active Directory security tool\n- The security community for continuously advancing AD security practices\n\n---\n\n*Note: This is not an official Anthropic product. 
BloodHound-MCP is a community-driven integration between BloodHound and MCP.* \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMorDavid%2FBloodHound-MCP-AI","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMorDavid%2FBloodHound-MCP-AI","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMorDavid%2FBloodHound-MCP-AI/lists"}