CypherDog2.1
PoSh BloodHound Dog Whisperer
aka PowerShell Cmdlets to interact with BloodHound Data via Neo4j REST API
Index
Cmdlet | Synopsis |
---|---|
Get-BloodHoundCmdlet | BloodHound RTFM - Get Cmdlet |
Send-BloodHoundPost | BloodHound POST - Cypher to REST API |
Get-BloodHoundNode | BloodHound Node - Get Node |
Search-BloodHoundNode | BloodHound Node - Search Node |
New-BloodHoundNode | BloodHound Node - Create Node |
Set-BloodHoundNode | BloodHound Node - Update Node |
Remove-BloodHoundNode | BloodHound Node - Delete Node |
Get-BloodHoundNodeList | BloodHound Node - Get List |
Get-BloodHoundNodeHighValue | BloodHound Node - Get HighValue |
Get-BloodHoundNodeOwned | BloodHound Node - Get Owned |
Get-BloodHoundNodeNote | BloodHound Node - Get Note |
Set-BloodHoundNodeNote | BloodHound Node - Set Notes |
Get-BloodHoundBlacklist | BloodHound Node - Get Blacklist |
Set-BloodHoundBlacklist | BloodHound Node - Set Blacklist |
Remove-BloodHoundBlacklist | BloodHound Node - Remove Blacklist |
Get-BloodHoundEdge | BloodHound Edge - Get Target |
Get-BloodHoundEdgeReverse | BloodHound Edge - Get Source |
Get-BloodHoundEdgeCrossDomain | BloodHound Edge - Get CrossDomain |
Get-BloodHoundEdgeCount | BloodHound Edge - Get Count |
Get-BloodHoundEdgeInfo | BloodHound Edge - Get Info |
New-BloodHoundEdge | BloodHound Edge - Create Edge |
Remove-BloodHoundEdge | BloodHound Edge - Delete Edge |
Get-BloodHoundPathShort | BloodHound Path - Get Shortest |
Get-BloodHoundPathAny | BloodHound Path - Get Any |
Get-BloodHoundPathCost | BloodHound Path - Get Cost |
Get-BloodHoundPathCheap | BloodHound Path - Get Cheapest |
Get-BloodHoundWald0IO | BloodHound Path - Get Wald0 Index |
Go to Notes
Get-BloodHoundCmdlet
Alias: BloodHound
, CypherDog
Back to Index
Synopsis
BloodHound RTFM - Get Cmdlet
Description
Get Bloodhound [CypherDog] Cmdlets
Syntax
Get-BloodHoundCmdlet [-Online] [+]
Parameters
Online
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
BloodHound
Back to Cmdlet
Send-BloodHoundPost
Alias: DogPost
Back to Index
Synopsis
BloodHound POST - Cypher to REST API
Description
Post Cypher Query to DB REST API
DogPost $Query [$Params] [-expand <prop,prop>]
Syntax
Send-BloodHoundPost [-Query] <String> [[-Params] <Hashtable>] [[-Expand] <String[]>] [-Profile] [+]
Parameters
Query
Mandatory | true |
Type | string |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Params
Mandatory | false |
Type | hashtable |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Expand
Mandatory | false |
Type | string[] |
Position | 3 |
Default | @('data','data') |
PipelineInput | false |
Dynamic | False |
Alias | x |
Profile
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 -------------------------- $query="MATCH
n:User
RETURN n"
DogPost $Query
-------------------------- EXAMPLE 2 -------------------------- $query = "MATCH
A:Computer {name: {ParamA}}
RETURN A"
$Params = @{ParamA="APOLLO.EXTERNAL.LOCAL"} DogPost $Query $Params
-------------------------- EXAMPLE 3 --------------------------
B
RETURN x"
$Params= @{ParamA="[email protected]";ParamB="DOMAIN [email protected]"} DogPost $Query $Params -Expand Data | ToPathObj
-------------------------- EXAMPLE 4 --------------------------
$Query="MATCH
U:User -[r:MemberOf|:AdminTo*1..]-> C:Computer WITH U.name as n, COUNT DISTINCT C as c RETURN {Name: n, Count: c} as SingleColumn ORDER BY c DESC LIMIT 10" DogPost $Query -x Data
Back to Cmdlet
Get-BloodHoundNode
Alias: Get-Node
, Node
Back to Index
Synopsis
BloodHound Node - Get Node
Description
Get BloodHound Node by Type and Name(s)
Syntax
Get-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Label] [-Notes] [-Cypher] [+]
Parameters
Type
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Label
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Notes
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Get-BloodhoundNode User
-------------------------- EXAMPLE 2 --------------------------
Node User BRITNI_GIRARDIN@DOMAIN.LOCAL
Back to Cmdlet
Search-BloodHoundNode
Alias: NodeSearch
, Search-Node
Back to Index
Synopsis
BloodHound Node - Search Node
Description
Search Nodes by partial Name or Properties
Syntax
Search-BloodHoundNode [[-Type] {Computer | Domain | Group | User | GPO | OU}] [-Key] <Regex> [-Sensitive] [-Cypher] [+]
Search-BloodHoundNode [[-Type] {Computer | Domain | Group | User | GPO | OU}] -Label <String> [-Cypher] [+]
Search-BloodHoundNode [[-Type] {Computer | Domain | Group | User | GPO | OU}] -Label <String> -NotExist [-Cypher] [+]
Search-BloodHoundNode [[-Type] {Computer | Domain | Group | User | GPO | OU}] -Property <String> [-Cypher] [+]
Search-BloodHoundNode [[-Type] {Computer | Domain | Group | User | GPO | OU}] -Property <String> -Value <String> [-Cypher] [+]
Search-BloodHoundNode [[-Type] {Computer | Domain | Group | User | GPO | OU}] -Property <String> -NotExist [-Cypher] [+]
Parameters
Type
Node Type
Mandatory | false |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Property
Property Name
Mandatory | true |
Type | string |
Position | named |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Label
Label
Mandatory | true |
Type | string |
Position | named |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Value
Property Name & Value
Mandatory | true |
Type | string |
Position | named |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
NotExist
Property/Label doesn't exists
Mandatory | true |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Key
KeyWord
Mandatory | true |
Type | regex |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Sensitive
Case Sensitive
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Show Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
NodeSearch Group admin
-------------------------- EXAMPLE 2 --------------------------
Nodesearch User -Property sensitive -Value $true
Back to Cmdlet
New-BloodHoundNode
Alias: New-Node
, NodeCreate
Back to Index
Synopsis
BloodHound Node - Create Node
Description
Create New Node by type
Syntax
New-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Name] <String[]> [-Cypher] [+]
New-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Name] <String[]> [[-Property] <Hashtable>] [-Cypher] [+]
New-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Name] <String[]> -Clone [-Cypher] [+]
Parameters
Type
Node Type [Mandatory]
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Node Name [Mandatory]
Mandatory | true |
Type | string[] |
Position | 2 |
Default | |
PipelineInput | true (ByValue) |
Dynamic | False |
Alias | |
Property
Specify Node Properties [Option]
Mandatory | false |
Type | hashtable |
Position | 3 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Clone
Clone similar Node Properties [Option]
Mandatory | true |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Cypher [Option]
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
New-BloodHoundNode -Type User -name Bob
-------------------------- EXAMPLE 2 --------------------------
NodeCreate User Bob
Back to Cmdlet
Set-BloodHoundNode
Alias: NodeUpdate
, Set-Node
Back to Index
Synopsis
BloodHound Node - Update Node
Description
Update BloodHound Node Properties
Syntax
Set-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Cypher] [+]
Set-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} -Delete [-Cypher] [+]
Set-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Cypher] -Label [+]
Set-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} -Delete [-Cypher] -Label [+]
Parameters
Type
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Delete
Mandatory | true |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Label
Mandatory | true |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Property
Mandatory | |
Type | hashtable |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Set-BloodHoundNode User Bob @{MyProp='This'}
Back to Cmdlet
Remove-BloodHoundNode
Alias: NodeDelete
, Remove-Node
Back to Index
Synopsis
BloodHound Node - Delete Node
Description
Delete Bloodhound Node from Database
Syntax
Remove-BloodHoundNode [-Type] {Computer | Domain | Group | User | GPO | OU} [-Force] [-Cypher] [?] [+]
Parameters
Type
Node Type [Mandatory]
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Force
Force (Skip Confirm)
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | x |
Cypher
Force (Skip Confirm)
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Remove-BloodhoundNode Remove-BloodHoundNode -Type User -Name Bob
-------------------------- EXAMPLE 2 --------------------------
NodeDelete User Bob -Force
Back to Cmdlet
Get-BloodHoundNodeList
Alias: List
, NodeList
Back to Index
Synopsis
BloodHound Node - Get List
Description
List BloodHound nodes per Edge
Syntax
Get-BloodHoundNodeList [-Type] <String> [+]
Parameters
Type
Mandatory | true |
Type | string |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Domain
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
List Membership ALBINA_BRASHEAR@DOMAIN.LOCAL
Back to Cmdlet
Get-BloodHoundNodeHighValue
Alias: Get-NodeHighValue
, HighValue
Back to Index
Synopsis
BloodHound Node - Get HighValue
Description
Get Bloodhound HighValueNode
Syntax
Get-BloodHoundNodeHighValue [[-Type] <String>] [+]
Parameters
Type
Mandatory | false |
Type | string |
Position | 1 |
Default | User |
PipelineInput | false |
Dynamic | False |
Alias | |
Domain
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
HighValue User
Back to Cmdlet
Get-BloodHoundNodeOwned
Alias: Get-NodeOwned
, Owned
Back to Index
Synopsis
BloodHound Node - Get Owned
Description
Get BloodHound Owned Nodes per type
Syntax
Get-BloodHoundNodeOwned [[-Type] <String>] [+]
Parameters
Type
Mandatory | false |
Type | string |
Position | 1 |
Default | Computer |
PipelineInput | false |
Dynamic | False |
Alias | |
Domain
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Owned Computer
Back to Cmdlet
Get-BloodHoundNodeNote
Alias: NodeNote
, Note
Back to Index
Synopsis
BloodHound Node - Get Note
Description
Get BloodHound Node Notes
Syntax
Get-BloodHoundNodeNote [-Type] {Computer | Domain | Group | User | GPO | OU} [-Cypher] [+]
Parameters
Type
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
note user ALBINA_BRASHEAR@DOMAIN.LOCAL
Back to Cmdlet
Set-BloodHoundNodeNote
Alias: NoteUpdate
, Set-NodeNote
Back to Index
Synopsis
BloodHound Node - Set Notes
Description
Set BloodHound Node Notes
Syntax
Set-BloodHoundNodeNote [-Type] {Computer | Domain | Group | User | GPO | OU} [-Overwrite] [-Stamp] [-Cypher] [+]
Set-BloodHoundNodeNote [-Type] {Computer | Domain | Group | User | GPO | OU} -Clear [-Cypher] [+]
Parameters
Type
Node Type [Mandatory]
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Overwrite
Overwrite
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Stamp
Stamp
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Clear
Cypher
Mandatory | true |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Text
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
NoteUpdate user ALBINA_BRASHEAR@DOMAIN.LOCAL 'HelloWorld'
Back to Cmdlet
Get-BloodHoundBlacklist
Alias: Blacklist
, Get-Blacklist
Back to Index
Synopsis
BloodHound Node - Get Blacklist
Description
Get BloodHound Node Blacklist
Syntax
Get-BloodHoundBlacklist [-Type] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
Type
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Blacklist User
Back to Cmdlet
Set-BloodHoundBlacklist
Alias: BlacklistAdd
, Set-Blacklist
Back to Index
Synopsis
BloodHound Node - Set Blacklist
Description
Set BloodHound Blacklist Node
Syntax
Set-BloodHoundBlacklist [-Type] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
Type
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
BlacklistUpdate User Bob
Back to Cmdlet
Remove-BloodHoundBlacklist
Alias: BlacklistDelete
, Remove-Blacklist
Back to Index
Synopsis
BloodHound Node - Remove Blacklist
Description
Remove Node from blacklist
Syntax
Remove-BloodHoundBlacklist [-Type] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
Type
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Mandatory | |
Type | |
Position | |
Default | |
PipelineInput | |
Dynamic | |
Alias | |
Mandatory | |
Type | |
Position | |
Default | |
PipelineInput | |
Dynamic | |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
BlacklistDelete User Bob
Back to Cmdlet
Get-BloodHoundEdge
Alias: Edge
, Get-Edge
, WhereTo
Back to Index
Synopsis
BloodHound Edge - Get Target
Description
Specify Source Name / Return Target
Syntax
Get-BloodHoundEdge [-SourceType] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
EdgeType
Mandatory | |
Type | EdgeType |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
TargetType
Mandatory | |
Type | NodeType |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Degree
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Edge user ALBINA_BRASHEAR@DOMAIN.LOCAL MemberOf Group
Back to Cmdlet
Get-BloodHoundEdgeReverse
Alias: EdgeR
, Get-EdgeR
, What
Back to Index
Synopsis
BloodHound Edge - Get Source
Description
Specify Target Name / Return Source
Syntax
Get-BloodHoundEdgeReverse [-SourceType] {Computer | Domain | Group | User | GPO | OU} [-EdgeType] {MemberOf | HasSession | AdminTo | TrustedBy | AllExtendedRights | AddMember | ForceChangePassword | GenericAll | GenericWrite | Owns | WriteDacl | WriteOwner | ReadLAPSPassword | Contains | GpLink | CanRDP | ExecuteDCOM | AllowedToDelegate} [-TargetType] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
EdgeType
Mandatory | true |
Type | EdgeType |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
TargetType
Mandatory | true |
Type | NodeType |
Position | 3 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Degree
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
EdgeR User MemberOf Group ADMINISTRATORS@SUB.DOMAIN.LOCAL
Back to Cmdlet
Get-BloodHoundEdgeCrossDomain
Alias: CrossDomain
Back to Index
Synopsis
BloodHound Edge - Get CrossDomain
Description
Get BloodHound Cross Domain Member|Session Relationships
Syntax
Get-BloodHoundEdgeCrossDomain [-Type] <String> [-Cypher] [+]
Parameters
Type
Mandatory | true |
Type | string |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Get-BloodHoundCrossDomain Session
-------------------------- EXAMPLE 2 --------------------------
CrossDomain Member
Back to Cmdlet
Get-BloodHoundEdgeCount
Alias: EdgeCount
, TopNode
Back to Index
Synopsis
BloodHound Edge - Get Count
Description
Get Top Nodes By Edge Count
Syntax
Get-BloodHoundEdgeCount [-type] <String> [-Limit <Int32>] [-Cypher] [+]
Parameters
type
Mandatory | true |
Type | string |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Limit
Mandatory | false |
Type | int |
Position | named |
Default | 5 |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Domain
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
EdgeCount Membership
Back to Cmdlet
Get-BloodHoundEdgeInfo
Alias: EdgeInfo
, Get-EdgeInfo
Back to Index
Synopsis
BloodHound Edge - Get Info
Description
Get BloodHound Edge Info [online]
Syntax
Get-BloodHoundEdgeInfo [-Type] {MemberOf | HasSession | AdminTo | TrustedBy | AllExtendedRights | AddMember | ForceChangePassword | GenericAll | GenericWrite | Owns | WriteDacl | WriteOwner | ReadLAPSPassword | Contains | GpLink | CanRDP | ExecuteDCOM | AllowedToDelegate} [-Online] [+]
Parameters
Type
Mandatory | true |
Type | EdgeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Online
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
EdgeInfo MemberOf
-------------------------- EXAMPLE 2 --------------------------
EdgeInfo MemberOf -Online
Back to Cmdlet
New-BloodHoundEdge
Alias: EdgeCreate
, New-Edge
Back to Index
Synopsis
BloodHound Edge - Create Edge
Description
Create Edges Between nodes
Syntax
New-BloodHoundEdge [-SourceType] {Computer | Domain | Group | User | GPO | OU} [-EdgeType] {MemberOf | HasSession | AdminTo | TrustedBy | AllExtendedRights | AddMember | ForceChangePassword | GenericAll | GenericWrite | Owns | WriteDacl | WriteOwner | ReadLAPSPassword | Contains | GpLink | CanRDP | ExecuteDCOM | AllowedToDelegate} [-TargetType] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
EdgeType
Mandatory | true |
Type | EdgeType |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
TargetType
Mandatory | true |
Type | NodeType |
Position | 3 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
To
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
EdgeCreate User MemberOf Group ALBINA_BRASHEAR@DOMAIN.LOCAL ADMINISTRATORS@DOMAIN.LOCAL
Back to Cmdlet
Remove-BloodHoundEdge
Alias: EdgeDelete
, Remove-Edge
Back to Index
Synopsis
BloodHound Edge - Delete Edge
Description
Remove Edge between nodes
Syntax
Remove-BloodHoundEdge [-SourceType] {Computer | Domain | Group | User | GPO | OU} [-EdgeType] {MemberOf | HasSession | AdminTo | TrustedBy | AllExtendedRights | AddMember | ForceChangePassword | GenericAll | GenericWrite | Owns | WriteDacl | WriteOwner | ReadLAPSPassword | Contains | GpLink | CanRDP | ExecuteDCOM | AllowedToDelegate} [-TargetType] {Computer | Domain | Group | User | GPO | OU} [?] [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
EdgeType
Mandatory | true |
Type | EdgeType |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
TargetType
Mandatory | true |
Type | NodeType |
Position | 3 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
To
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
EdgeDelete User MemberOf Group ALBINA_BRASHEAR@DOMAIN.LOCAL ADMINISTRATORS@DOMAIN.LOCAL
Back to Cmdlet
Get-BloodHoundPathShort
Alias: Get-PathShort
, Path
Back to Index
Synopsis
BloodHound Path - Get Shortest
Description
Get BloodHound Shortest/AllShortest Path
Syntax
Get-BloodHoundPathShort [-SourceType] {Computer | Domain | Group | User | GPO | OU} [-TargetType] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
TargetType
Mandatory | true |
Type | NodeType |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
To
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Edge
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Exclude
Mandatory | |
Type | EdgeType[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Include
Mandatory | |
Type | EdgeType[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
MaxHop
Mandatory | |
Type | int |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
BlackL
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
All
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Path user Group ALBINA_BRASHEAR@DOMAIN.LOCAL 'SCHEMA [email protected]'
Back to Cmdlet
Get-BloodHoundPathAny
Alias: Get-PathAny
, PathAny
Back to Index
Synopsis
BloodHound Path - Get Any
Description
Get 'Any' Path
Syntax
Get-BloodHoundPathAny [-SourceType] {Computer | Domain | Group | User | GPO | OU} [-TargetType] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
TargetType
Mandatory | true |
Type | NodeType |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
To
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Edge
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Exclude
Mandatory | |
Type | EdgeType[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Include
Mandatory | |
Type | EdgeType[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
MaxHop
Mandatory | |
Type | int |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
BlackL
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
PathAny user Group ALBINA_BRASHEAR@DOMAIN.LOCAL 'SCHEMA [email protected]'
Back to Cmdlet
Get-BloodHoundPathCost
Alias: PathCost
Back to Index
Synopsis
BloodHound Path - Get Cost
Description
Get BloodHound Path Cost
Syntax
Get-BloodHoundPathCost [-Path] <BHEdge> [+]
Parameters
Path
Mandatory | true |
Type | BHEdge |
Position | 1 |
Default | |
PipelineInput | true (ByValue) |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
path user group GARY_CATANIA@SUB.DOMAIN.LOCAL 'RDS ENDPOINT [email protected]' -all | pathcost
Back to Cmdlet
Get-BloodHoundPathCheap
Alias: Get-PathCheap
, PathCheap
Back to Index
Synopsis
BloodHound Path - Get Cheapest
Description
Get BloodHound Cheapest Path
Syntax
Get-BloodHoundPathCheap [-SourceType] {Computer | Domain | Group | User | GPO | OU} [-TargetType] {Computer | Domain | Group | User | GPO | OU} [+]
Parameters
SourceType
Mandatory | true |
Type | NodeType |
Position | 1 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
TargetType
Mandatory | true |
Type | NodeType |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Name
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
To
Mandatory | |
Type | string |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Edge
Mandatory | |
Type | string[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Exclude
Mandatory | |
Type | EdgeType[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Include
Mandatory | |
Type | EdgeType[] |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Expand
Mandatory | |
Type | int |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
BlackL
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Cypher
Mandatory | |
Type | switch |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Limit
Mandatory | |
Type | int |
Position | |
Default | |
PipelineInput | |
Dynamic | True |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
pathcheap user group GARY_CATANIA@SUB.DOMAIN.LOCAL 'RDS ENDPOINT [email protected]'
Back to Cmdlet
Get-BloodHoundWald0IO
Alias: Get-Wald0IO
, Wald0IO
Back to Index
Synopsis
BloodHound Path - Get Wald0 Index
Description
Calculate wald0 Index for specified Group
Syntax
Get-BloodHoundWald0IO [[-Name] <String>] [[-Direction] <String>] [[-Type] <String>] [[-Edge] <String[]>] [-Exclude {MemberOf | HasSession | AdminTo | TrustedBy | AllExtendedRights | AddMember | ForceChangePassword | GenericAll | GenericWrite | Owns | WriteDacl | WriteOwner | ReadLAPSPassword | Contains | GpLink | CanRDP | ExecuteDCOM | AllowedToDelegate}] [-Include {MemberOf | HasSession | AdminTo | TrustedBy | AllExtendedRights | AddMember | ForceChangePassword | GenericAll | GenericWrite | Owns | WriteDacl | WriteOwner | ReadLAPSPassword | Contains | GpLink | CanRDP | ExecuteDCOM | AllowedToDelegate}] [-DomainOnly] [-BlackL] [-Cypher] [+]
Parameters
Name
Mandatory | false |
Type | string |
Position | 1 |
Default | |
PipelineInput | true (ByValue, ByPropertyName) |
Dynamic | False |
Alias | TargetGroup |
Direction
Mandatory | false |
Type | string |
Position | 2 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Type
Mandatory | false |
Type | string |
Position | 3 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Edge
Mandatory | false |
Type | string[] |
Position | 4 |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Exclude
Mandatory | false |
Type | EdgeType[] |
Position | named |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
Include
Mandatory | false |
Type | EdgeType[] |
Position | named |
Default | |
PipelineInput | false |
Dynamic | False |
Alias | |
DomainOnly
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
BlackL
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Cypher
Mandatory | false |
Type | switch |
Position | named |
Default | False |
PipelineInput | false |
Dynamic | False |
Alias | |
Examples
-------------------------- EXAMPLE 1 --------------------------
Node Group ADMINISTRATORS@DOMAIN.LOCAL | Wlad0IO
Back to Cmdlet
Notes
This is it...
That's all Folks