Skip to main content
Applies to BloodHound Enterprise and CE The OpenGraph library provides a list of projects created by BloodHound community members that extend the coverage of BloodHound utilizing OpenGraph. Have you built a cool project using OpenGraph and want it featured here? Already got your project in the list and need to update something? Open a “Library Change” issue on the BloodHound Docs repo and we’ll get it added for you! Submissions from the community will have a icon next to them while those by SpecterOps employees will have a SpecterOps icon.

OpenGraph Library

1PassHound

DescriptionThe 1Password for Business OpenGraph extension lets you bring your 1Password ACL data into BloodHound’s graph‑analysis framework.Whether you’re auditing permissions, responding to incidents, or simply exploring your 1Password configuration, this extension brings clarity, control and rich visualization to your vaults and items.Authors/MaintainersRepos

AnsibleHound

DescriptionAnsibleHound is a BloodHound OpenGraph collector for Ansible AWX and Ansible Tower. The collector is designed to map the structure and permissions of your organization into a navigable attack-path graph.Authors/MaintainersRepos

GitHound

DescriptionGitHound is a BloodHound OpenGraph collector for GitHub, designed to map your organization’s structure and permissions into a navigable attack‑path graph.With GitHound, you get a clear, interactive graph of your GitHub permissions landscape—perfect for security reviews, compliance audits, and rapid incident investigations.Authors/MaintainersRepos

GithHoundPy

DescriptionA python implementation of the GitHound collector for BloodHound OpenGraph. This project aims to stay in sync with the main PowerShell version.Credit and tons of props to the SpecterOps team for the main implementation, for a detailed breakdown on the features check the main repoAuthors/MaintainersRepos

JamfHound

DescriptionJamfHound is a python3 project designed to collect and identify attack-paths in Jamf Pro tenants for privilege escalation and lateral movement based on existing object permissions. The collector saves data as JSON for ingestion into BloodHound to easily visualize and evaluate the risks of compromise within the Jamf Pro tenant.Authors/MaintainersRepos

MSSQLHound

DescriptionCollects BloodHound OpenGraph compatible data from one or more MSSQL servers into individual temporary files, then zips them in the current directory.Authors/MaintainersRepos

SCCM_SQL_Collector

DescriptionPoC script to collect SCCM attack paths from a SCCM site DB. Credits to @sanjivkawa for SQLRecon, which is where most of the scaffolding code to allow for connecting to SQL came from (thanks Sanj!)Authors/MaintainersRepos

SnowHound

DescriptionThe BloodHound extension for Snowflake tenants enables organizations to visualize their Snowflake environment by mapping key elements such as Users, Databases, Roles, Warehouses, and Integrations, along with the permissions that connect them.This provides a comprehensive view of access and potential attack paths within the Snowflake tenant, empowering security teams to identify vulnerabilities and better manage their environment’s security posture.Authors/MaintainersRepos

vCenterHound

DescriptionvCenterHound connects to one or more vCenters, collects infrastructure entities (Datacenter/Cluster/Host/VM/Network/Datastore, etc.) and permissions (Roles/Users/Groups/Assignments), then builds a BloodHound‑compatible JSON graph with Custom Nodes/Edges. The model.json file provides icons and styles for these custom kinds.Authors/MaintainersRepos

OpenGraph Tools

BloodHound OpenGraph Helper Library

Description A Python library for creating BloodHound OpenGraph JSON data that conforms to the BloodHound OpenGraph schema specification. Authors/Maintainers Repos
I