SharpHound is a powerful data collection tool designed to enumerate and map Active Directory (AD) environments. As the data collector for BloodHound, it gathers detailed information about users, groups, computers, sessions, trusts, ACLs, and more, enabling attackers and defenders alike to visualize potential attack paths.
- Active Directory Enumeration: Collects AD data to uncover privilege escalation and lateral movement opportunities.
- Versatile Collection Methods: Supports LDAP, SMB, and Win32 API queries to extract data from domain controllers and hosts.
- Stealthy Operations: Designed to minimize detection, often run from memory or via C2 frameworks in red team assessments.
- Integration with BloodHound: Outputs JSON files that can be ingested by BloodHound for graph-based analysis.

SharpHound is ideal for red teamers looking to identify misconfigurations and for security teams aiming to understand and remediate AD risks.