{"id":"mwnickerson-bloodhound-mcp","name":"bloodhound_mcp","homepage":null,"repo_url":"https://github.com/mwnickerson/bloodhound_mcp","category":"devtools","subcategories":[],"tags":["mcp","bloodhound","active-directory","cypher","attack-path-analysis","neo4j","python"],"what_it_does":"Provides an MCP server that lets an AI assistant query BloodHound Community Edition data (via BloodHound CE REST API and Neo4j graph) through a set of composite MCP tools (e.g., domain/user/group/computer info, graph analysis, ADCS info, and Cypher execution) and reference resources for Cypher and AD/ADCS/Azure methodology.","use_cases":["Interactive Active Directory attack-path analysis using BloodHound data","Generating/assisting Cypher queries against the BloodHound graph","Recon and privilege-rights exploration (users/groups/sessions/local admin/etc.)","ADCS ESC pathway exploration and exploitation guidance (from templates/resources)","Training, lab analysis, and certification prep using non-production AD data"],"not_for":["Using with production AD data without a clear privacy/security assessment and mitigations","Automating destructive changes to BloodHound data (beyond read-only analysis workflows)","Environments where sensitive security telemetry cannot be sent to an external LLM provider"],"best_when":"Used in lab/non-production environments with appropriate API-token scoping and when an operator understands the security implications of sending BloodHound-derived data to an LLM.","avoid_when":"Avoid when BloodHound datasets include sensitive production identities/relationships and you have not assessed exposure to your LLM provider; also avoid when robust guardrails for Cypher execution are not in place.","alternatives":["Direct BloodHound CE REST API/Neo4j access with a purpose-built integration","Using BloodHound’s built-in UI and exporting results for analysis in an external tool","Other MCP/agent wrappers that provide a read-only query surface without arbitrary Cypher execution"],"af_score":60.5,"security_score":58.2,"reliability_score":25.0,"package_type":"mcp_server","discovery_source":["github"],"priority":"high","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-03-30T13:51:57.130420+00:00","interface":{"has_rest_api":true,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":null,"has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["BloodHound API token (Token ID + Token Key) via .env"],"oauth":false,"scopes":false,"notes":"README indicates use of BloodHound CE API credentials (Token ID/Token Key). It recommends read-only tokens but does not describe scoped permissions or scope granularity for the tool itself."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"Open-source tool; costs depend on your BloodHound CE deployment and your LLM provider usage."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":60.5,"security_score":58.2,"reliability_score":25.0,"mcp_server_quality":80.0,"documentation_accuracy":70.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":80.0,"rate_limit_clarity":10.0,"tls_enforcement":70.0,"auth_strength":60.0,"scope_granularity":30.0,"dependency_hygiene":55.0,"secret_handling":75.0,"security_notes":"Requires BloodHound API token credentials (Token ID/Key) provided via .env. README warns that BloodHound data is transmitted to the LLM provider and advises against production use without risk assessment; recommends rotating tokens and using read-only where possible. TLS is implied by default scheme 'https' but explicit enforcement details are not provided. Tool set includes `cypher_query` and OpenGraph CRUD (`custom_nodes`), increasing the need for strict operator/agent guardrails.","uptime_documented":0.0,"version_stability":40.0,"breaking_changes_history":30.0,"error_recovery":30.0,"idempotency_support":"false","idempotency_notes":"Contains CRUD-like operations via `custom_nodes` (create/update/delete), but README does not document idempotency or safe retry semantics for mutations.","pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["The tool surface includes `cypher_query` and `custom_nodes` which can increase risk if used without guardrails","The README references a 'system prompt' tuned for offensive security analysis; agents may follow methodology rules that are not appropriate for all environments"]}}