BloodHound MCP AI

An MCP server that bridges BloodHound's Active Directory attack path analysis database to AI assistants, exposing 75+ tools for querying AD attack paths, privilege escalation routes, Kerberos vulnerabilities (Kerberoasting, AS-REP roasting), NTLM relay opportunities, and Active Directory Certificate Services (ADCS) misconfigurations via natural language. Instead of writing Cypher graph traversal queries manually, security professionals can ask an AI 'show me all paths from a Domain User to Domain Admin' and get results from their BloodHound Neo4j database. Designed for authorized penetration testing engagements where BloodHound data has already been collected from target AD environments.

Evaluated Mar 01, 2026 · version: latest

Tags: Security, bloodhound, active-directory, attack-paths, mcp-server, neo4j, red-team, cypher, python, privilege-escalation, kerberos, adcs

Scores

  • Agent Friendliness (Can an agent use this?): 64 / 100
  • Security (Is it safe for agents?): 52 / 100
  • Reliability (Does it work consistently?): N/A, not evaluated

Best When

A red team or penetration tester has completed BloodHound data collection from an authorized AD environment and wants AI-assisted attack path analysis and report generation without writing Cypher.

Avoid When

You do not have BloodHound infrastructure deployed with AD data already ingested, or you cannot guarantee written authorization for the target environment.

Use Cases

  • Natural language attack path discovery: 'Find all kerberoastable accounts with paths to Domain Admin'
  • Automated security assessment report generation from BloodHound data
  • Accelerating red team operations by eliminating manual Cypher query writing
  • ADCS vulnerability enumeration: query ESC1-ESC8 certificate abuse paths
  • Cross-domain trust enumeration and lateral movement path discovery
  • Quantifying attack path exposure for executive risk reporting

Not For

  • Unauthorized security assessments — BloodHound data collection requires domain-level access, which in turn requires explicit authorization
  • Environments without BloodHound 4.x+ Community Edition and Neo4j already set up with AD data ingested
  • Blue team / defensive use cases — this is a red team tool; a defender-focused product is offered separately as BloodHound Enterprise
  • Real-time AD monitoring — operates on a static snapshot collected at ingestion time

Scores are editorial opinions as of 2026-03-01.
