mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-03-31 00:09:29 +02:00
72 lines
1.8 KiB
YAML
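# Tool definition that wraps the bloodhound-python collector.
name: "bloodhound"
command: "bloodhound-python"
enabled: true
# short_description (English): "Active Directory attack path analysis and visualization tool"
short_description: "Active Directory 攻击路径分析和可视化工具"
# description (English):
#   BloodHound is an Active Directory attack path analysis and visualization tool;
#   it collects information from the domain and analyses attack paths.
#   Main features: domain information collection; attack path analysis; permission
#   relationship visualization; shortest attack path calculation; high-risk path identification.
#   Use cases: Active Directory security assessment; post-exploitation testing;
#   domain environment audit; red team exercises.
#   Notes: requires domain user credentials; requires Neo4j database support;
#   collection may take a long time; use in an authorized environment is recommended.
description: |
  BloodHound 是一个 Active Directory 攻击路径分析和可视化工具,通过收集域内信息并分析攻击路径。

  **主要功能:**
  - 域信息收集
  - 攻击路径分析
  - 权限关系可视化
  - 最短攻击路径计算
  - 高风险路径识别

  **使用场景:**
  - Active Directory 安全评估
  - 后渗透测试
  - 域环境审计
  - 红队演练

  **注意事项:**
  - 需要域用户凭据
  - 需要 Neo4j 数据库支持
  - 收集过程可能需要较长时间
  - 建议在授权环境中使用
parameters:
  - name: "domain"
    type: "string"
    description: "目标域名"  # target domain name
    required: false
    flag: "-d"
    format: "flag"
  - name: "username"
    type: "string"
    description: "域用户名"  # domain user name
    required: false
    flag: "-u"
    format: "flag"
  # The password is passed as a command-line flag (-p), so it is visible in the
  # process list of the host that runs the tool and in any log of the invoked command.
  - name: "password"
    type: "string"
    description: "域用户密码"  # domain user password
    required: false
    flag: "-p"
    format: "flag"
  - name: "collection_method"
    type: "string"
    description: "收集模式 (All, ACL, DCOM, LocalAdmin, RDP 等)"  # collection method (All, ACL, DCOM, LocalAdmin, RDP, etc.)
    required: false
    default: "All"
    flag: "-c"
    format: "flag"
  - name: "dc"
    type: "string"
    description: "域控制器 IP 地址"  # domain controller IP address
    required: false
    flag: "-dc"
    format: "flag"
  # additional_args description (English):
  #   Extra bloodhound arguments, used to pass bloodhound options that are not
  #   defined in the parameter list.
  #   Example values: add common argument examples according to the tool's features.
  #   Notes: separate multiple arguments with spaces; make sure the argument format
  #   is correct and avoid command injection; this parameter is appended directly
  #   to the end of the command.
  - name: "additional_args"
    type: "string"
    description: |
      额外的bloodhound参数。用于传递未在参数列表中定义的bloodhound选项。

      **示例值:**
      - 根据工具特性添加常用参数示例

      **注意事项:**
      - 多个参数用空格分隔
      - 确保参数格式正确,避免命令注入
      - 此参数会直接追加到命令末尾
    required: false
    format: "positional"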