Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/bloodhoundad/sharphound
C# Data Collector for BloodHound
https://github.com/bloodhoundad/sharphound
Last synced: 3 days ago
JSON representation
C# Data Collector for BloodHound
- Host: GitHub
- URL: https://github.com/bloodhoundad/sharphound
- Owner: BloodHoundAD
- License: gpl-3.0
- Created: 2021-07-12T17:07:04.000Z (over 3 years ago)
- Default Branch: 2.X
- Last Pushed: 2024-10-18T17:45:14.000Z (26 days ago)
- Last Synced: 2024-11-03T02:33:10.721Z (11 days ago)
- Language: C#
- Homepage:
- Size: 330 KB
- Stars: 743
- Watchers: 19
- Forks: 168
- Open Issues: 13
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# SharpHound
![GitHub all releases](https://img.shields.io/github/downloads/BloodHoundAD/SharpHound/total)
## Get SharpHound
The latest build of SharpHound will always be found [here](https://github.com/BloodHoundAD/SharpHound/releases).
To determine the SharpHound version compatible with a deployed BloodHound CE instance, login to BloodHound CE's web UI and click on ⚙️ (Settings) → Download Collectors. Then, click either the "Download SharpHound" button in the user interface or use the displayed SharpHound version to download the appropriate [release binary](https://github.com/BloodHoundAD/SharpHound/releases). Alternatively, compile a SharpHound binary from the corresponding release commit.
## Compile Instructions
To build this project, use .net 5.0 and run the following:
```
dotnet restore .
dotnet build
```## Requirements
SharpHound is designed targeting .Net 4.6.2. SharpHound must be run from the context of a domain user, either directly through a logon or through another method such as RUNAS.
# SharpHound
```csharp
dotnet restore .
dotnet build
```# CLI Arguments
The listing below details the CLI arguments SharpHound supports. Additional details about these options can be found in the [BloodHound CE Collection documentation](https://support.bloodhoundenterprise.io/hc/en-us/articles/17481375424795-All-SharpHound-Community-Edition-Flags-Explained).
```
-c, --collectionmethods (Default: Default) Collection Methods: Container, Group, LocalGroup, GPOLocalGroup,
Session, LoggedOn, ObjectProps, ACL, ComputerOnly, Trusts, Default, RDP, DCOM, DCOnly, UserRights, CARegistry, DCRegistry, CertServices-d, --domain Specify domain to enumerate
-s, --searchforest (Default: false) Search all available domains in the forest
--stealth Stealth Collection (Prefer DCOnly whenever possible!)
-f Add an LDAP filter to the pregenerated filter.
--distinguishedname Base DistinguishedName to start the LDAP search at
--computerfile Path to file containing computer names to enumerate
--outputdirectory (Default: .) Directory to output file too
--outputprefix String to prepend to output file names
--cachename Filename for cache (Defaults to a machine specific identifier)
--memcache Keep cache in memory and don't write to disk
--rebuildcache (Default: false) Rebuild cache and remove all entries
--randomfilenames (Default: false) Use random filenames for output
--zipfilename Filename for the zip
--nozip (Default: false) Don't zip files
--trackcomputercalls (Default: false) Adds a CSV tracking requests to computers
--zippassword Password protects the zip with the specified password
--prettyprint (Default: false) Pretty print JSON
--ldapusername Username for LDAP
--ldappassword Password for LDAP
--domaincontroller Override domain controller to pull LDAP from. This option can result in data loss
--ldapport (Default: 0) Override port for LDAP
--secureldap (Default: false) Connect to LDAP SSL instead of regular LDAP
--disablecertverification (Default: false) Disable certificate verification for secure LDAP
--disablesigning (Default: false) Disables Kerberos Signing/Sealing
--skipportcheck (Default: false) Skip checking if 445 is open
--portchecktimeout (Default: 500) Timeout for port checks in milliseconds
--skippasswordcheck (Default: false) Skip PwdLastSet age check when checking computers
--excludedcs (Default: false) Exclude domain controllers from session/localgroup enumeration (mostly for
ATA/ATP)--throttle Add a delay after computer requests in milliseconds
--jitter Add jitter to throttle (percent)
--threads (Default: 50) Number of threads to run enumeration with
--skipregistryloggedon Skip registry session enumeration
--overrideusername Override the username to filter for NetSessionEnum
--realdnsname Override DNS suffix for API calls
--collectallproperties Collect all LDAP properties from objects
-l, --Loop Loop computer collection
--loopduration Loop duration (hh:mm:ss - 05:00:00 is 5 hours, default: 2 hrs)
--loopinterval Add delay between loops (hh:mm:ss - 00:03:00 is 3 minute)
--statusinterval (Default: 30000) Interval in which to display status in milliseconds
--localadminsessionenum Specify if you want to use a dedicated LOCAL user for session enumeration
--localadminusername Specify the username of the localadmin for session enumeration
--localadminpassword Specify the password of the localadmin for session enumeration
-v (Default: 2) Enable verbose output. Lower is more verbose
--help Display this help screen.
--version Display version information.
```