- BHComposer
- BHSession
- BHAPI
- BHServer
- BHOperator
- Disable-BHOperator
- Enable-BHOperator
- Get-BHOperator
- New-BHOperator
- Remove-BHOperator
- Set-BHOperator
- Approve-BHOperatorEULA
- Get-BHOperatorHelp
- Get-BHOperatorMFAStatus
- Get-BHOperatorPermission
- Get-BHOperatorRole
- Revoke-BHOperatorSecret
- Set-BHOperatorSecret
- Get-BHOperatorToken
- New-BHOperatorToken
- Revoke-BHOperatorToken
- BHData
- BHNode
- BHPath
- BHClient
- BHEvent
Get BloodHound Composer
Get-BHComposer [-ComposerFolder <Object>]
Get-BHComposer -Composer [-ComposerFolder <Object>]
Get-BHComposer -Env [-ComposerFolder <Object>]
Get-BHComposer -Config [-ComposerFolder <Object>]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHComposer
See Help Get-BHComposer for more info
Alias: BHComposer
Invoke BloodHound Composer
Invoke-BHComposer [[-Action] <string>] [-ComposerFolder <string>] [-Force]
Invoke-BHComposer -Command <string> [-ComposerFolder <string>]-------------------------- EXAMPLE 1 --------------------------
PS > Invoke-BHComposer Up
See Help BHComposer for more info
New BloodHound Composer
New-BHComposer [[-ComposerFolder] <string>] [-IncludeEnv] [-IncludeConfig]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHComposer $FolderLocation
See Help New-BHComposer for more info
Alias: BHLog
Get BloodHound Composer Logs
Get-BHComposerLog [-Limit <string>] [-ComposerFolder <Object>]
Get-BHComposerLog -Trace [-Limit <string>] [-ComposerFolder <Object>]
Get-BHComposerLog -TraceObject [-Limit <string>] [-ComposerFolder <Object>]-------------------------- EXAMPLE 1 --------------------------
PS > BHLog -TraceObject | select time,status,message
See Help BHLog for more info
Alias: BHSession
Get BloodHound API Session
Get-BHSession [-Selected]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHSession
-------------------------- EXAMPLE 2 --------------------------
PS > Get-BHSession -Selected
See Help BHSession for more info
New BloodHound API Session
New-BHSession [-JWT] <string> [-Server <string>] [-Port <string>] [-Protocol <string>] [-CypherClip]
New-BHSession -TokenID <string> -Token <securestring> [-Server <string>] [-Port <string>] [-Protocol <string>] [-CypherClip]-------------------------- EXAMPLE 1 --------------------------
PS > $TokenKey = Get-Clipboard | Convertto-SecureString -AsPlainText -Force
Convert plaintext token key from clipboard to secure string variable
-------------------------- EXAMPLE 2 --------------------------
PS > New-BHSession -TokenID $TokenID -Token $TokenKey
Create a BHCE session (localhost:8080).
- $TokenKey must be secure string.
-------------------------- EXAMPLE 3 --------------------------
PS > New-BHSession -Server $Instance -TokenID $TokenID -Token $TokenKey
Create a BHE session.
- $TokenKey must be secure string.
-------------------------- EXAMPLE 4 --------------------------
PS > New-BHSession -JWT $JWT [-Server $Instance]
Create Session with JWT
See Help New-BHSession for more info
Remove BloodHound API Session
Remove-BHSession [-ID] <int[]> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Remove-BHSession
See Help Remove-BHSession for more info
Alias: BHSelect
Select BloodHound API Session
Select-BHSession [-ID] <int[]>
Select-BHSession -None-------------------------- EXAMPLE 1 --------------------------
PS > Select-BHSession 1
See Help BHSelect for more info
Set BloodHound API Session
Set-BHSession [[-Limit] <int>] [[-Timeout] <int>] [-CypherClip] [-NoClip]-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHSession
See Help Set-BHSession for more info
Alias: BHScript
Invoke BloodHound API Session Script
Invoke-BHSessionScript [[-Script] <scriptblock>] [[-SessionID] <int[]>]-------------------------- EXAMPLE 1 --------------------------
PS > BHScript {BHOperator -self | select principal_name} -SessionID 1,2
See Help BHScript for more info
Alias: BHAPIInfo
Get BloodHound API Info
Get-BHAPI-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHAPI
-------------------------- EXAMPLE 2 --------------------------
PS > Get-BHAPI | select-object method,route,summary | sort-object route
See Help BHAPIInfo for more info
Alias: BHAPI
Invoke BloodHound API call
Invoke-BHAPI [-URI] <string> [[-Method] <string>] [[-Body] <string>] [[-Filter] <string[]>] [[-SessionID] <int[]>] [[-Timeout] <int>] [[-Expand] <string>]-------------------------- EXAMPLE 1 --------------------------
PS > Invoke-BHAPI /api/version | Select-Object -ExpandProperty data | Select-Object -ExpandProperty server_version
-------------------------- EXAMPLE 2 --------------------------
PS > bhapi api/version -expand data.server_version
-------------------------- EXAMPLE 3 --------------------------
PS > BHAPI bloodhound-users POST $Json
See Help BHAPI for more info
Alias: BHAudit
Get BloodHound Server Audit Log
Get-BHServerAuditLog [[-Limit] <string>] [[-Before] <datetime>] [[-After] <datetime>] [[-Filter] <string[]>] [[-Skip] <string>]-------------------------- EXAMPLE 1 --------------------------
PS > BHAudit
See Help BHAudit for more info
Alias: BHConfig
Get BloodHound Server Config
Get-BHServerConfig-------------------------- EXAMPLE 1 --------------------------
PS > BHConfig
See Help BHConfig for more info
Alias: Set-BHConfig
Set BloodHound Server Config
Set-BHServerConfig [-ConfigKey] <string[]> [-Value] <hashtable>-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHConfig -key prune.ttl -value @{base_ttl="P8D";has_session_edge_ttl="P5D"}
-------------------------- EXAMPLE 2 --------------------------
PS > Set-BHConfig -key analysis.reconciliation -value @{enabled=$true}
See Help Set-BHConfig for more info
Alias: BHFeature
Get BloodHound Server Feature
Get-BHServerFeature-------------------------- EXAMPLE 1 --------------------------
PS > BHFeature
See Help BHFeature for more info
Alias: Set-BHFeature
Set BloodHound Server Feature
Set-BHServerFeature -FeatureID <int[]> -Enabled
Set-BHServerFeature -FeatureID <int[]> -Disabled-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHFeature -id 1 -Enabled
See Help Set-BHFeature for more info
Alias: BHSAMLEndpoint
Get BloodHound SAML Endpoints
Get-BHServerSAMLEndpoint-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHServerSAMLEndpoint
See Help BHSAMLEndpoint for more info
Alias: BHSAMLProvider
Get BloodHound SAML Provider
Get-BHServerSAMLProvider [[-ProviderID] <int>]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHServerSAMLProvider
See Help BHSAMLProvider for more info
Alias: New-BHSAMLProvider
New BloodHound SAML Provider
New-BHServerSAMLProvider [-Name] <string> [-Metadata] <string>-------------------------- EXAMPLE 1 --------------------------
PS > New-BHServerSAMLProvider
See Help New-BHSAMLProvider for more info
Alias: Remove-BHSAMLProvider
Remove BloodHound SAML Provider
Remove-BHServerSAMLProvider [-ProviderID] <int> [-Force] [-PassThru]-------------------------- EXAMPLE 1 --------------------------
Remove-BHServerSAMLProvider -id <id>[-Force]
See Help Remove-BHSAMLProvider for more info
Alias: BHVersion
Get BloodHound Server version
Get-BHServerVersion [[-SessionID] <int[]>]-------------------------- EXAMPLE 1 --------------------------
PS > BHVersion
See Help BHVersion for more info
Disable BloodHound Operator
Disable-BHOperator [-OperatorID] <string[]> [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > BHOperator -id 2 | Disable-BHOperator
See Help Disable-BHOperator for more info
Enable BloodHound Operator
Enable-BHOperator [-OperatorID] <string[]> [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > BHOperator -id 2 | Enable-BHOperator
See Help Enable-BHOperator for more info
Alias: BHOperator
Get BloodHound Operator
Get-BHOperator
Get-BHOperator -ID <string[]>
Get-BHOperator -Name <string[]>
Get-BHOperator -Current
Get-BHOperator -Role <string>-------------------------- EXAMPLE 1 --------------------------
PS > BHOperator
See Help BHOperator for more info
New BloodHound Operator
New-BHOperator [-Name] <string> [[-FirstName] <string>] [[-LastName] <string>] [[-Email] <string>] [[-Role] <int[]>] [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHOperator -name bob
See Help New-BHOperator for more info
Remove BloodHound Operator
Remove-BHOperator [-OperatorID] <string[]> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Remove-BHOperator
See Help Remove-BHOperator for more info
Set BloodHound Operator
Set-BHOperator [-OperatorID] <string> [[-Name] <string>] [[-FirstName] <string>] [[-LastName] <string>] [[-Email] <string>] [[-Role] <int[]>] [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > BHOperator -id 2 | Set-BHOperator -firstname alice
See Help Set-BHOperator for more info
[BHE] Approve BloodHound EULA
Approve-BHOperatorEULA-------------------------- EXAMPLE 1 --------------------------
PS > Approve-BHOperatorEULA
See Help Approve-BHOperatorEULA for more info
Alias: BHHelp
Get BloodHound Operator Help
Get-BHOperatorHelp [-ReadTheDocs] [-Online]
Get-BHOperatorHelp [-TierZero] [-Online]-------------------------- EXAMPLE 1 --------------------------
PS > BHHelp
See Help BHHelp for more info
Alias: BHOperatorMFA
Get BloodHound Operator MFA status
Get-BHOperatorMFAStatus [-ID] <string[]>-------------------------- EXAMPLE 1 --------------------------
PS > BHOperator -self | Get-BHOperatorMFAStatus
See Help BHOperatorMFA for more info
Alias: BHPermission
Get BloodHound Operator Permission
Get-BHOperatorPermission [-Current]-------------------------- EXAMPLE 1 --------------------------
PS > BHPermission
See Help BHPermission for more info
Alias: BHRole
Get BloodHound Operator Role
Get-BHOperatorRole [-Current]-------------------------- EXAMPLE 1 --------------------------
PS > BHRole
See Help BHRole for more info
Alias: Revoke-BHSecret
Revoke BloodHound Operator Secret
Revoke-BHOperatorSecret [-OperatorID] <string> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Revoke-BHSecret
See Help Revoke-BHSecret for more info
Alias: Set-BHSecret
Set BloodHound Operator Secret
Set-BHOperatorSecret [-OperatorID] <string> [[-Secret] <string>] [-RequireReset] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHSecret
See Help Set-BHSecret for more info
Alias: BHToken
Get BloodHound Operator Token
Get-BHOperatorToken [[-Operator] <string[]>]-------------------------- EXAMPLE 1 --------------------------
PS > BHToken
See Help BHToken for more info
Alias: New-BHToken
New BloodHound Operator Token
New-BHOperatorToken [-OperatorID] <string> [[-TokenName] <string>] [-AsPlainText] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHToken -ID $OperatorID -TokenName $TokenName
See Help New-BHToken for more info
Alias: Revoke-BHToken
Revoke BloodHound Operator Token
Revoke-BHOperatorToken [[-TokenID] <string[]>] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Revoke-BHToken
See Help Revoke-BHToken for more info
Alias: BHData
Get BloodHound Data
Get-BHData [[-ID] <string[]>] [-Limit <int>] [-Filter <string[]>] [-Expand <string>]
Get-BHData -ListDomain [-Collected] [-Limit <int>] [-Filter <string[]>] [-Expand <string>]
Get-BHData -Platform <string> [-Limit <int>] [-Filter <string[]>] [-Expand <string>]
Get-BHData -PipeStatus [-Limit <int>] [-Filter <string[]>] [-Expand <string>]-------------------------- EXAMPLE 1 --------------------------
PS > BHData -ListDomain
-------------------------- EXAMPLE 2 --------------------------
PS > BHData -Platform AD
-------------------------- EXAMPLE 3 --------------------------
PS > BHData -id $DomainID
-------------------------- EXAMPLE 4 --------------------------
PS > BHData
See Help BHData for more info
Alias: BHDataAnalysis
Start BloodHound Data Analysis
Start-BHDataAnalysis-------------------------- EXAMPLE 1 --------------------------
PS > Start-BHDataAnalysis
See Help BHDataAnalysis for more info
Clear BloodHound Database
Clear-BHDatabase [-GraphData] [-IngestHistory] [-DataHistory] [-Force] [-Really]-------------------------- EXAMPLE 1 --------------------------
PS > Clear-BHDatabase -GraphData -Force -Really
See Help Clear-BHDatabase for more info
Alias: BHCollector
Get BloodHound Data Collector
Get-BHDataCollector [[-Collector] <string[]>]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHDataCollector
See Help BHCollector for more info
Alias: Import-BHCollector
Import BloodHound Data Collector
Import-BHDataCollector -SharpHound [-Version <string>] [-Unzip]
Import-BHDataCollector -AzureHound [-Version <string>] [-Unzip]-------------------------- EXAMPLE 1 --------------------------
PS > Import-BHDataCollector -SharpHound
See Help Import-BHCollector for more info
Alias: BHPosture
[BHE] Get BloodHound Data Posture
Get-BHDataPosture -DomainID <string[]> [-Limit <int>] [-StartDate <datetime>] [-EndDate <datetime>]
Get-BHDataPosture -DomainID <string[]> -Exposure [-StartDate <datetime>] [-EndDate <datetime>]
Get-BHDataPosture -DomainID <string[]> -Findings [-StartDate <datetime>] [-EndDate <datetime>]
Get-BHDataPosture -DomainID <string[]> -Assets [-StartDate <datetime>] [-EndDate <datetime>]
Get-BHDataPosture -DomainID <string[]> -GroupCompleteness [-StartDate <datetime>] [-EndDate <datetime>]
Get-BHDataPosture -DomainID <string[]> -SessionCompleteness [-StartDate <datetime>] [-EndDate <datetime>]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHDataPosture
-------------------------- EXAMPLE 2 --------------------------
PS > BHSearch Domain test | BHPosture -Exposure -StartDate (date).adddays(-30)
See Help BHPosture for more info
Alias: BHRead
Read BloodHound Data Source
Read-BHDataSource [-Source] <string[]> [[-Split] <int>] [-Unpack]-------------------------- EXAMPLE 1 --------------------------
PS > Read-BHDataSource $Zip -Split 5000
See Help BHRead for more info
Alias: BHUpload
Get BloodHound Data Upload
Get-BHDataUpload [[-Expand] <string>] [[-Limit] <int>]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHDataUpload
-------------------------- EXAMPLE 2 --------------------------
PS > Get-BHDataUpload -limit 10
See Help BHUpload for more info
Alias: BHDataUpload
Invoke BloodHound Data Upload
Invoke-BHDataUpload [-Data] <string[]> [[-Split] <int>]-------------------------- EXAMPLE 1 --------------------------
PS > BHDataUpload $Zip
See Help BHDataUpload for more info
Alias: BHDataUploadJSON
New BloodHound Data Upload
New-BHDataUpload [-UploadJSON] <string[]>-------------------------- EXAMPLE 1 --------------------------
PS > BHDataUploadJSON $JSON
See Help BHDataUploadJSON for more info
Alias: BHFormat
Format BloodHound Node
Format-BHNode [-Object] <psobject> [-PropOnly]-------------------------- EXAMPLE 1 --------------------------
PS > BHFormat
See Help BHFormat for more info
Alias: BHNode
Get BloodHound Node
Get-BHNode [[-List] <string>] [-ObjectID] <string[]> [-PropOnly] [-Expand <string>] [-AsPath] [-Limit <int>] [-Cypher] [-SessionID <int[]>]
Get-BHNode [[-List] <string>] [[-Keyword] <string[]>] -Search [-PropOnly] [-Expand <string>] [-AsPath] [-Limit <int>] [-Cypher] [-SessionID <int[]>]-------------------------- EXAMPLE 1 --------------------------
BHNode User -id <id>
-------------------------- EXAMPLE 2 --------------------------
PS > BHNode -Search User alice
-------------------------- EXAMPLE 3 --------------------------
PS > bhnode -search user yoda -list controllers
-------------------------- EXAMPLE 4 --------------------------
PS > bhnode -search user yoda -list controllers -AsPath [-Cypher] # EXPERIMENTAL - DO NOT TRUST OUTPUT
See Help BHNode for more info
Alias: BHSearch
Search BloodHound Node
Search-BHNode [[-Label] <BHEntityType[]>] [[-Keyword] <string[]>] [-Limit <int>] [-Exact] [-SessionID <int[]>]-------------------------- EXAMPLE 1 --------------------------
PS > BHSearch user bob
See Help BHSearch for more info
Remove BHNode From BHNodeGroup
Remove-BHNodeFromNodeGroup [-ObjectID] <string[]> [-NodeGroupID] <int[]> [-Analyse] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > BHSearch User alice | Remove-BHNodeFromNodeGroup -NodeGroupID 1
See Help Remove-BHNodeFromNodeGroup for more info
Alias: BHNodeGroup
Get BloodHound Asset Group
Get-BHNodeGroup [[-ID] <string[]>] [-Selector]
Get-BHNodeGroup [-ID] <string[]> -Member [-EnvironmentID <string>] [-Count]
Get-BHNodeGroup [-ID] <string[]>
Get-BHNodeGroup [-ID] <string[]> -CustomCount-------------------------- EXAMPLE 1 --------------------------
PS > BHNodeGroup
See Help BHNodeGroup for more info
New BloodHound Asset Group
New-BHNodeGroup [-Name] <string> [[-Tag] <string>] [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHNodeGroup TestGroup
See Help New-BHNodeGroup for more info
Remove BloodHound Asset Group
Remove-BHNodeGroup [-ID] <int[]> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Remove-BHNodeGroup 2
See Help Remove-BHNodeGroup for more info
Set BloodHound Asset Group
Set-BHNodeGroup [-ID] <int> [-Name] <string>-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHNodeGroup -ID $GroupID -Name $NewName
See Help Set-BHNodeGroup for more info
Alias: BHMeta
[BHE] Get BloodHound Entity Meta
Get-BHNodeMeta [-ID] <string[]>-------------------------- EXAMPLE 1 --------------------------
BHMeta <objectID>
See Help BHMeta for more info
Add BHNode To BHNodeGroup
Add-BHNodeToNodeGroup [-ObjectID] <string[]> [-NodeGroupID] <int> [-Analyze] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > BHSearch User alice | Add-BHNodeToNodeGroup -NodeGroupID 1
See Help Add-BHNodeToNodeGroup for more info
Alias: BHCypher
Get BloodHound Path
Get-BHPath [-Query] <string> [-Cypher] [-NoConvert] [-Minimal] [-Expand <string>]
Get-BHPath -TargetID <string[]> [-All] [-Shortest] [-SourceID <string[]>] [-Edge <string[]>] [-Hop <string>] [-SourceWhere <string>] [-TargetWhere <string>] [-PathWhere <string>] [-Return <string>] [-OrderBy <string>] [-Limit <int>] [-Cypher] [-NoConvert] [-Minimal] [-Expand <string>]
Get-BHPath [-All] [-Shortest] [-Source <string>] [-Target <string>] [-Edge <string[]>] [-Hop <string>] [-SourceWhere <string>] [-TargetWhere <string>] [-PathWhere <string>] [-Return <string>] [-OrderBy <string>] [-Limit <int>] [-Cypher] [-NoConvert] [-Minimal] [-Expand <string>]-------------------------- EXAMPLE 1 --------------------------
PS > BHPath
See Help BHCypher for more info
Alias: BHComposition
Get BloodHound Path Composition
Get-BHPathComposition [-SourceID] <string> [-TargetID] <string> [-EdgeType] <string>-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHPathComposition -SourceID $x -EdgeType $r -TargetID $y
-------------------------- EXAMPLE 2 --------------------------
BHPath "MATCH p=(:User{name:'$UserName'})-[:ADCSESC1]->(:Domain) RETURN p" | BHComposition | ft
See Help BHComposition for more info
Alias: BHFilter
Get BloodHound Path Filter
Get-BHPathFilter [-String] [-Cypher]
Get-BHPathFilter -ListAll-------------------------- EXAMPLE 1 --------------------------
PS > BHFilter
See Help BHFilter for more info
Alias: BHFilterSelect
Select BloodHound Path Filter
Select-BHPathFilter -All
Select-BHPathFilter -None
Select-BHPathFilter -Platform <BHPlatform[]> [-NoSelect]
Select-BHPathFilter -EdgeGroup <BHEdgeGroup[]> [-NoSelect]
Select-BHPathFilter -Edge <BHEdge[]> [-NoSelect]-------------------------- EXAMPLE 1 --------------------------
PS > Select-BHFilter
See Help BHFilterSelect for more info
Alias: Approve-BHFinding
[BHE] Approve BloodHound Path Finding
Approve-BHPathFinding [-ID] <int[]> [-FindingType] <BHFindingType> [-Accepted] <bool> [[-Until] <datetime>] [-Force] [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > Approve-BHPathFinding -ID $id [-Force]
See Help Approve-BHFinding for more info
Alias: BHFinding
[BHE] Get BloodHound Path Finding
Get-BHPathFinding [-TypeList]
Get-BHPathFinding [-DomainID] <string[]> -ListAvail
Get-BHPathFinding [-DomainID] <string[]> -Detail [-FindingType <BHFindingType[]>] [-Limit <int>]
Get-BHPathFinding [-DomainID] <string[]> -Sparkline [-FindingType <BHFindingType[]>] [-StartDate <datetime>] [-EndDate <datetime>] [-Limit <int>]
Get-BHPathFinding [-DomainID] <string[]> -Trend [-StartDate <datetime>] [-EndDate <datetime>]-------------------------- EXAMPLE 1 --------------------------
PS > BHFinding -TypeList
-------------------------- EXAMPLE 2 --------------------------
PS > BHFinding -ListAvail -DomainID $ID
-------------------------- EXAMPLE 3 --------------------------
PS > BHFinding -Detail -DomainID $ID -Type Kerberoasting
-------------------------- EXAMPLE 4 --------------------------
PS > BHSearch Domain | BHFinding -Trend -Verbose -start (date).adddays(-10)
See Help BHFinding for more info
Alias: BHPathAnalysis
[BHE] Start BloodHound Path Finding
Start-BHPathFinding-------------------------- EXAMPLE 1 --------------------------
PS > Start-BHPathFinding
See Help BHPathAnalysis for more info
Alias: BHFindingInfo
Get-BHPathFindingInfo [[-FindingType] <BHFindingType[]>] [-Full] [-OutMarkDown] []
Get-BHPathFindingInfo [[-FindingType] <BHFindingType[]>] [-Full] [-OutMarkDown]-------------------------- EXAMPLE 1
See Help BHFindingInfo for more info
Alias: BHQuery
Get BloodHound Query
Get-BHPathQuery [[-ID] <string[]>] [-Expand <string>]
Get-BHPathQuery -Name <string[]> [-Expand <string>]
Get-BHPathQuery -Scope <string> [-Expand <string>]
Get-BHPathQuery -Description <string[]> [-Expand <string>]-------------------------- EXAMPLE 1 --------------------------
PS > BHQuery
-------------------------- EXAMPLE 2 --------------------------
PS > BHQuery -ID 123
-------------------------- EXAMPLE 3 --------------------------
PS > BHQuery -name MyQuery
-------------------------- EXAMPLE 4 --------------------------
BHQuery -description <keyword>
-------------------------- EXAMPLE 5 --------------------------
BHQuery -scope <shared|public>
See Help BHQuery for more info
Alias: BHInvoke
Invoke BloodHound Query
Invoke-BHPathQuery [-Query] <string> [[-Description] <string>] [[-Name] <string>] [[-ID] <string>] [[-Param] <hashtable>] [[-Expand] <string>] [[-Select] <string[]>] [-Minimal] [-Cypher]-------------------------- EXAMPLE 1 --------------------------
PS > Invoke-BHQuery "MATCH (x:User) RETURN x LIMIT 1"
-------------------------- EXAMPLE 2 --------------------------
PS > Invoke-BHQuery "api/version"
-------------------------- EXAMPLE 3 --------------------------
PS > BHQuery -ID 123 | BHInvoke
-------------------------- EXAMPLE 4 --------------------------
PS > "MATCH (x{objectid:'${oid}'}) RETURN x" | BHInvoke -Param @{oid='S-1-5-21-928081958-2569533466-1777930793-1800'}
See Help BHInvoke for more info
Alias: New-BHQuery
New BloodHound Query
New-BHPathQuery [-Name] <string> [[-Description] <string>] [-Query] <string> [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHPathQuery -Name MySavedQuery -Query "MATCH (x:User) RETURN x LIMIT 1" -Desc "My Saved Query"
See Help New-BHQuery for more info
Alias: Remove-BHQuery
Remove BloodHound Saved Query
Remove-BHPathQuery [-ID] <string> [-Force]-------------------------- EXAMPLE 1 --------------------------
Remove-BHPathQuery -id <QueryID>-Force
See Help Remove-BHQuery for more info
Alias: Set-BHQuery
Set BloodHound Query
Set-BHPathQuery [-ID] <int> [[-Name] <string>] [[-Query] <string>] [[-Description] <string>]-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHPathQuery -ID 123 -Name MySavedQuery
See Help Set-BHQuery for more info
Alias: Set-BHQueryScope
Set BloodHound Query Scope
Set-BHPathQueryScope [-ID] <int> -Public
Set-BHPathQueryScope [-ID] <int> -Private
Set-BHPathQueryScope [-ID] <int> -Share <string[]> [-Remove]-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHQueryScope -ID 123 -Public
-------------------------- EXAMPLE 2 --------------------------
PS > Set-BHQueryScope -ID 123 -Private
-------------------------- EXAMPLE 3 --------------------------
Set-BHQueryScope -ID 123 -Share <UserID[]>
-------------------------- EXAMPLE 4 --------------------------
Set-BHQueryScope -ID 123 -Share <UserID[]>-Remove
See Help Set-BHQueryScope for more info
Alias: BHClient
[BHE] Get BloodHound Client
Get-BHClient
Get-BHClient -ID <string[]> [-CompletedJobs]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHClient -ID $ClientID
-------------------------- EXAMPLE 2 --------------------------
PS > Get-BHClient -ID $ClientID -CompletedJobs
See Help BHClient for more info
[BHE] New BloodHound Client
New-BHClient [-Name] <string[]> [-ClientType] <string> [[-DomainController] <string>]-------------------------- EXAMPLE 1 --------------------------
PS > $Client = @{
Prop = value
}
New-BHClient @Client
See Help New-BHClient for more info
[BHE] Remove-BloodHound Client
Remove-BHClient [-ID] <string> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Example
See Help Remove-BHClient for more info
[BHE] Set BloodHound Client
Set-BHClient [-ID] <string> [[-Name] <string>] [[-DomainController] <string>]-------------------------- EXAMPLE 1 --------------------------
PS > Example
See Help Set-BHClient for more info
Alias: BHJob
[BHE] Get BloodHound Client Job
Get-BHClientJob [-ClientID <string[]>] [-Status <int>] [-Limit <int>]
Get-BHClientJob -IncludeUnfinished [-ClientID <string[]>] [-Status <int>] [-Only]
Get-BHClientJob -JobID <string> [-Logs]-------------------------- EXAMPLE 1 --------------------------
Get-BHClientJob [-status <status>] [-ClientID <client_id>]
-------------------------- EXAMPLE 2 --------------------------
PS > BHJob -IncludeUnfinished [-Only]
-------------------------- EXAMPLE 3 --------------------------
PS > BHJob -JobId 1234 [-log]
See Help BHJob for more info
Alias: Remove-BHJob
[BHE] Remove BloodHound Client Job
Remove-BHClientJob [-ID] <string> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Remove-BHClientJob -Id $JobId
See Help Remove-BHJob for more info
Alias: Start-BHJob
[BHE] Start BloodHound Client Job
Start-BHClientJob [-ClientID] <string[]> [[-OU] <string[]>] [[-Domain] <string[]>] [-SessionCollection] [-LocalGroupCollection] [-ADStructureCollection] [-CertServiceCollection] [-CARegistryCollection] [-DCRegistryCollection] [-AllDomain] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Start-BHClientJob
See Help Start-BHJob for more info
[BHE] New BloodHound Client Token
New-BHClientToken [-ID] <string[]> [-AsPlainText] [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHClientToken -id $ClientID [-Force]
See Help New-BHClientToken for more info
[BHE] Get BloodHound Client Event
Get-BHEvent -EventID <string[]>
Get-BHEvent [-ClientID <string[]>]-------------------------- EXAMPLE 1 --------------------------
PS > Get-BHEvent
See Help Get-BHEvent for more info
[BHE] New BloodHound Client Event
New-BHEvent [[-ClientID] <string[]>] [[-Rule] <string>] [[-OU] <string[]>] [[-Domain] <string[]>] [-SessionCollection] [-LocalGroupCollection] [-ADStructureCollection] [-CertServiceCollection] [-CARegistryCollection] [-DCRegistryCollection] [-AllDomain]-------------------------- EXAMPLE 1 --------------------------
PS > New-BHEvent
See Help New-BHEvent for more info
[BHE] Remove BloodHound Client Event
Remove-BHEvent [-ID] <string> [-Force]-------------------------- EXAMPLE 1 --------------------------
PS > Remove-BHEvent $EventID
See Help Remove-BHEvent for more info
[BHE] Set BloodHound Client Event
Set-BHEvent [-ID] <string[]> [[-Rule] <string>] [[-SessionCollection] <bool>] [[-LocalGroupCollection] <bool>] [[-ADStructureCollection] <bool>] [[-CertServiceCollection] <bool>] [[-CARegistryCollection] <bool>] [[-DCRegistryCollection] <bool>] [[-AllDomain] <bool>] [[-OU] <string[]>] [[-Domain] <string[]>] [-PassThru]-------------------------- EXAMPLE 1 --------------------------
PS > Set-BHEvent
See Help Set-BHEvent for more info
Thursday, March 13, 2025 10:15:06 AM