bloodhound_mcp
Provides an MCP server that lets an AI assistant query BloodHound Community Edition data (via BloodHound CE REST API and Neo4j graph) through a set of composite MCP tools (e.g., domain/user/group/computer info, graph analysis, ADCS info, and Cypher execution) and reference resources for Cypher and AD/ADCS/Azure methodology.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
Requires BloodHound API token credentials (Token ID/Key) provided via .env. README warns that BloodHound data is transmitted to the LLM provider and advises against production use without risk assessment; recommends rotating tokens and using read-only where possible. TLS is implied by default scheme 'https' but explicit enforcement details are not provided. Tool set includes `cypher_query` and OpenGraph CRUD (`custom_nodes`), increasing the need for strict operator/agent guardrails.
⚡ Reliability
Best When
Used in lab/non-production environments with appropriate API-token scoping and when an operator understands the security implications of sending BloodHound-derived data to an LLM.
Avoid When
BloodHound datasets include sensitive production identities/relationships and you have not assessed exposure to your LLM provider, or robust guardrails for Cypher execution are not in place.
Use Cases
- Interactive Active Directory attack-path analysis using BloodHound data
- Generating/assisting Cypher queries against the BloodHound graph
- Recon and privilege-rights exploration (users/groups/sessions/local admin/etc.)
- ADCS ESC pathway exploration and exploitation guidance (from templates/resources)
- Training, lab analysis, and certification prep using non-production AD data
Not For
- Use with production AD data without a clear privacy/security assessment and mitigations
- Automating destructive changes to BloodHound data (beyond read-only analysis workflows)
- Environments where sensitive security telemetry cannot be sent to an external LLM provider
Interface
Authentication
README indicates use of BloodHound CE API credentials (Token ID/Token Key). It recommends read-only tokens but does not describe scoped permissions or scope granularity for the tool itself.
Pricing
Open-source tool; costs depend on your BloodHound CE deployment and your LLM provider usage.
Agent Metadata
Known Gotchas
- ⚠ The tool surface includes `cypher_query` and `custom_nodes` which can increase risk if used without guardrails
- ⚠ The README references a 'system prompt' tuned for offensive security analysis; agents may follow methodology rules that are not appropriate for all environments
Alternatives
Scores are editorial opinions as of 2026-03-30.