Compass Security BloodHound CE Resources

December 11, 2025 · View on GitHub

This repository contains some useful resources regarding BloodHound CE:

  • BloodHound CE Custom Queries
  • BloodHound Operator Custom Queries
  • Useful Links

BloodHound CE Custom Queries

These queries are used in BloodHound CE to analyze your collected data.

Direct Usage

You can directly copy the BloodHound CE Custom Queries from your browser into your BloodHound CE instance.

Import

Initial Preparation

Install PowerShell on Kali:

sudo apt -y install powershell

You can now start a new PowerShell using pwsh.

Clone the BloodHoundOperator repository:

git clone https://github.com/SadProcessor/BloodHoundOperator.git

Query Import

Load the BloodHoundOperator module:

Import-Module /opt/BloodHoundOperator/BloodHoundOperator.ps1

Dot-Source (note the . in front of the command) Create-BloodHoundOperatorSession.ps1 script to create a new BloodHoundOperator session and make it available in your current PowerShell:

. ./scripts/Create-BloodHoundOperatorSession.ps1 -Password 'YourP@ssw0rd'

Parameters:

  • -Password: Password (mandatory, if you don't specify it on the commandline, you will be prompted)
  • -Username: Username (optional, default: admin)
  • -Hostname: Hostname / IP address of the BloodHound API (optional, default: 127.0.0.1)
  • -Port: Port of the BloodHound API (optional, default: 8080)

Execute the Import-BloodHoundCECustomQueries.ps1 script to import the custom queries:

./scripts/Import-BloodHoundCECustomQueries.ps1

The imported queries are then shown in BloodHound:

Custom Queries

BloodHound Operator Custom Queries

These queries are used in a BloodHound Operator session, to modify your collected data.

Usage

Load the BloodHoundOperator module and dot-source the Create-BloodHoundOperatorSession.ps1 script as explained above.

Then directly copy the BloodHound Operator Custom Queries from your browser into your PowerShell console.

BloodHound

Neo4J Cypher