This runs BloodHound CE as if it were a single, self-contained app in a single-user scenario.
It's based on SpecterOp's Dockerfile, but uses podman, sets the default credentials to admin/admin (no password change needed) and exposes port 8181 on localhost only.
No dependencies except for podman (and bash, grep and date)!
Simply run ./bloodhound-ce:
$ ./bloodhound-ce
Running postgres container ...
Running neo4j container ...
Wait until neo4j is ready ...
Running bloodhound container ...
Wait until bloodhound is ready ...
Setting initial password ...
Success! Go to http://localhost:8181
Login with admin/admin
Press CTRL-C when you're done.
...Link or copy the executable to ~/.local/bin or /usr/bin if you want.
It supports workspaces to keep different databases in parallel. They're
located in $XDG_DATA_HOME/BloodHound-CE
(or ~/.local/share/BloodHound-CE by
default). To set the name of the workspace, use environment variables:
$ WORKSPACE=client1 bloodhound-ceThe location of the workspace's data directory can be set directly like so:
$ DATA_DIR=BH_DATA bloodhound-ceThen the data will be stored in BH_DATA in the current working directory.
The port to listen on can similarly be changed by setting $PORT.
To update the images:
$ bloodhound-ce pullIn case you want to start over completely, delete the containers and volumes:
$ podman container rm --filter name='BloodHound-CE*'
$ rm -rf ~/.local/share/BloodHound-CE/