Summary
Connects Claude to BloodHound's Neo4j database for Active Directory security analysis through natural language queries. Instead of writing Cypher queries manually, you can ask Claude things like "show me all domain admins" or "find shortest path to domain controller" and it translates those into proper database queries against your BloodHound data. Wraps the Neo4j driver with pre-built queries from Compass Security's collection. Reach for this when you're doing AD penetration testing or security audits and want to explore attack paths conversationally rather than remembering specific Cypher syntax.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →BloodHound MCP
BloodHound MCP (Model Context Protocol) is an innovative extension of the BloodHound tool, designed to enable Large Language Models (LLMs) to interact with and analyze Active Directory (AD) and Azure Active Directory (AAD) environments through natural language queries. By leveraging the power of LLMs, BloodHound MCP allows users to perform complex queries and retrieve insights from their AD/AAD environments using simple, conversational commands.
Features
- Natural Language Queries: Use conversational language to query your AD/AAD environment without needing to write Cypher queries manually.
- LLM-Powered Analysis: Harness the capabilities of Large Language Models to interpret and execute queries on your behalf.
- Seamless Integration: Works with existing BloodHound data stored in Neo4j, providing a user-friendly interface for complex analysis.
- Customizable: Easily configure the system to work with your specific environment and tools.
Configure the MCP Server
{
"mcpServers": {
"BloodHound": {
"name": "BloodHound",
"isActive": true,
"command": "uv",
"args": [
"run",
"--with",
"mcp[cli],neo4j",
"mcp",
"run",
"<PATH_TO_THE_PROJECT>server.py"
],
"env": {
"BLOODHOUND_URI": "bolt://localhost:7687",
"BLOODHOUND_USERNAME": "neo4j",
"BLOODHOUND_PASSWORD": "bloodhound"
}
}
}
}
Usage
Configuration
To customize BloodHound MCP, update the configuration file in your MCP-supported tool. Key settings include:
- Neo4j Database Connection:
BLOODHOUND_URI: The URI of your Neo4j database (e.g., bolt://localhost:7687).BLOODHOUND_USERNAME: Your Neo4j username.BLOODHOUND_PASSWORD: Your Neo4j password.
- Server Settings: Adjust the command and args to match your environment and tool requirements.
Contributing
We welcome contributions to BloodHound MCP! To get involved:
- Fork the Repository: Create your own copy on GitHub.
- Create a Branch: Work on your feature or fix in a new branch.
- Submit a Pull Request: Include a clear description of your changes.
Special Thanks
Custom queries from : https://github.com/CompassSecurity/BloodHoundQueries
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →UpdatedMar 4, 2026
