BloodHound-MCP
@MorDavid
About BloodHound-MCP
BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language instead of complex Cypher queries.
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"BloodHound-MCP": {
"command": "python",
"args": [
"<Your_Path>\\BloodHound-MCP.py"
],
"env": {
"BLOODHOUND_URI": "bolt://localhost:7687",
"BLOODHOUND_USERNAME": "neo4j",
"BLOODHOUND_PASSWORD": "bloodhoundcommunityedition"
}
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is BloodHound-MCP?
BloodHound-MCP is a Model Context Protocol (MCP) server that connects AI assistants to BloodHound, the industry-standard tool for Active Directory security analysis. It lets security professionals query BloodHound data and explore AD attack paths using natural language instead of manual Cypher queries.
How to use BloodHound-MCP?
Clone the repository, install dependencies with pip install -r requirements.txt, then configure the MCP server by setting the BLOODHOUND_URI, BLOODHOUND_USERNAME, and BLOODHOUND_PASSWORD environment variables. Once configured, you can ask natural-language questions about your Active Directory environment through any MCP-compatible client.
Key features of BloodHound-MCP
- Natural-language interface for querying BloodHound data
- Over 75 specialized tools based on original BloodHound CE Cypher queries
- Domain structure mapping and privilege escalation path analysis
- Kerberos security issue detection (Kerberoasting, AS-REP Roasting)
- Certificate services vulnerability identification
- NTLM relay attack vector discovery
Use cases of BloodHound-MCP
- Show all attack paths from kerberoastable users to Domain Admins
- Find computers where Domain Users have local admin rights
- Identify Domain Controllers vulnerable to NTLM relay attacks
- Map all Active Directory certificate services vulnerabilities
- Generate comprehensive security reports for a domain
FAQ from BloodHound-MCP
What prerequisites are needed?
BloodHound 4.x+ with data collected from an Active Directory environment, a Neo4j database loaded with BloodHound data, Python 3.8 or higher, and an MCP client.
How do I configure the server connection?
Set the BLOODHOUND_URI, BLOODHOUND_USERNAME, and BLOODHOUND_PASSWORD environment variables in your MCP client configuration (default URI is bolt://localhost:7687).
Is this an official Anthropic product?
No. BloodHound-MCP is a community-driven integration between BloodHound and MCP, not an official Anthropic product.
What kind of queries can I ask?
You can ask natural-language questions about Active Directory attack paths, privilege escalation, Kerberos issues, certificate services vulnerabilities, delegation abuse, AD hygiene, and more.
What license is this project under?
This project is licensed under the MIT License.
More Other MCP servers
Unity MCP ✨
justinpbarnettUnity MCP acts as a bridge between AI assistants and your Unity Editor. Give your LLM tools to manage assets, control scenes, edit scripts, and automate tasks within Unity.
Activepieces
activepiecesAI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents
ICSS
chokcoco不止于 CSS
Servers
modelcontextprotocolModel Context Protocol Servers
Reactive Resume
amruthpillaiA one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!
Comments