DotNetRussell

DotNetRussell / BloodBash

Public

A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for quick AD enumeration.

175
18
100% credibility
Found Feb 09, 2026 at 62 stars 3x -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

BloodBash is a standalone tool that analyzes raw network security data files to detect Active Directory misconfigurations, attack paths, and vulnerabilities like ADCS issues without requiring a database or graphical interface.

How It Works

1
🕵️ Discover BloodBash

You learn about a simple tool that helps spot weak spots and attack paths in network security data without fancy setups.

2
📥 Download the files

Grab the tool's files from the sharing site to your computer.

3
🛠️ Prepare your setup

Follow easy instructions to get everything ready on your machine so it runs smoothly.

4
📁 Add your data

Point the tool to the folder with your network scan files you gathered earlier.

5
🔍 Launch the analysis

Start the check and watch progress bars as it uncovers vulnerabilities like risky permissions and easy attack routes.

6
📊 Review colorful results

See beautiful tables and highlighted paths showing dangers like weak certificates, roastable accounts, and more.

7
Choose your focus
🚀
Full scan

Run all checks for a complete picture of risks.

🎯
Targeted check

Focus on one area like dangerous permissions or delegation tricks.

🏆 Get your report

Export the findings to a file and use them to strengthen security or plan your next moves.

Sign up to see the full architecture

6 more

Sign Up Free

Star Growth

See how this repo grew from 62 to 175 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is BloodBash?

BloodBash is a Python bloodhound alternative github tool that processes SharpHound JSON files offline to map Active Directory attack paths and vulnerabilities, skipping the need for Neo4j servers or GUIs. Point it at your JSON directory via CLI—like `python BloodBash.py /path/to/json --all`—and it flags shortest paths to domain admins, dangerous permissions, ADCS ESC1-ESC8 issues, DCSync rights, RBCD setups, kerberoastable accounts, and more. Output comes rich and colored in the terminal, with exports to Markdown, JSON, or YAML.

Why is it gaining traction?

As a bloodhound ad alternative and among bloodhound alternatives reddit picks, it shines for zero-setup speed on pentest laptops, delivering BloodHound-like queries (GPO abuse, AS-REP roasting, sessions) without database overhead. Fast mode skips heavy pathfinding for large datasets, and flags like `--adcs` or `--verbose` give targeted, actionable intel fast. Metasploit module integration lets it slot into existing workflows seamlessly.

Who should use this?

Red teamers running quick AD enumeration post-SharpHound collection. Pentesters seeking bloodhound alternatives github for offline bloodhound step alternative analysis during engagements. OSCP/CRTP learners drilling bloodhound github powershell data without full stack setup.

Verdict

Solid pick for a bloodhound python alternative if you're tired of server spin-up—65 stars show niche interest, but 1.0% credibility and modest maturity mean test it on real data first. Promising for fast recon; contribute to expand path chaining.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.