Goodhound

📋 Copy All Commands 📄 Generate PDF

BloodHound data analysis tool for Active Directory security assessment - Essential commands and usage patterns.

Overview

Goodhound is a active directory security used for bloodhound data analysis tool for active directory security assessment. This cheat sheet covers the most commonly used commands and workflows.

Platform Support: Cross-platform Category: Security

Installation

Linux/Ubuntu

# Package manager installation
sudo apt update
sudo apt install goodhound

# Alternative installation methods
wget -O goodhound https://github.com/example/goodhound/releases/latest
chmod +x goodhound
sudo mv goodhound /usr/local/bin/

macOS

# Homebrew installation
brew install goodhound

# Manual installation
curl -L -o goodhound https://github.com/example/goodhound/releases/latest
chmod +x goodhound
sudo mv goodhound /usr/local/bin/

Windows

# Chocolatey installation
choco install goodhound

# Scoop installation
scoop install goodhound

# Manual installation
# Download from official website and add to PATH

Basic Commands

Command	Description
goodhound --help	Display help information
goodhound --version	Show version information
goodhound init	Initialize goodhound in current directory
goodhound status	Check current status
goodhound list	List available options/items

Common Operations

Basic Usage

# Start goodhound
goodhound start

# Stop goodhound
goodhound stop

# Restart goodhound
goodhound restart

# Check status
goodhound status

Configuration

# View configuration
goodhound config show

# Set configuration option
goodhound config set <key> <value>

# Reset configuration
goodhound config reset

Advanced Operations

# Verbose output
goodhound -v <command>

# Debug mode
goodhound --debug <command>

# Dry run (preview changes)
goodhound --dry-run <command>

# Force operation
goodhound --force <command>

File Operations

Command	Description
goodhound create <file>	Create new file
goodhound read <file>	Read file contents
goodhound update <file>	Update existing file
goodhound delete <file>	Delete file
goodhound copy <src> <dst>	Copy file
goodhound move <src> <dst>	Move file

Network Operations

# Connect to remote host
goodhound connect <host>:<port>

# Listen on port
goodhound listen --port <port>

# Send data
goodhound send --data "<data>" --target <host>

# Receive data
goodhound receive --port <port>

Security Features

Authentication

# Login with credentials
goodhound login --user <username>

# Logout
goodhound logout

# Change password
goodhound passwd

# Generate API key
goodhound generate-key

Encryption

# Encrypt file
goodhound encrypt <file>

# Decrypt file
goodhound decrypt <file>

# Generate certificate
goodhound cert generate

# Verify signature
goodhound verify <file>

Troubleshooting

Common Issues

Issue: Command not found

# Check if installed
which goodhound

# Reinstall if necessary
sudo apt reinstall goodhound

Issue: Permission denied

# Run with sudo
sudo goodhound <command>

# Fix permissions
chmod +x /usr/local/bin/goodhound

Issue: Configuration errors

# Reset configuration
goodhound config reset

# Validate configuration
goodhound config validate

Debug Commands

Command	Description
goodhound --debug	Enable debug output
goodhound --verbose	Verbose logging
goodhound test	Run self-tests
goodhound doctor	Check system health

Best Practices

Security

• Always verify checksums when downloading
• Use strong authentication methods
• Regularly update to latest version
• Follow principle of least privilege

Performance

• Use appropriate buffer sizes
• Monitor resource usage
• Optimize configuration for your use case
• Regular maintenance and cleanup

Maintenance

# Update goodhound
goodhound update

# Clean temporary files
goodhound clean

# Backup configuration
goodhound backup --config

# Restore from backup
goodhound restore --config <backup-file>

Integration

Scripting

#!/bin/bash
# Example script using goodhound

# Check if goodhound is available
if ! command -v goodhound &> /dev/null; then
    echo "goodhound is not installed"
    exit 1
fi

# Run goodhound with error handling
if goodhound <command>; then
    echo "Success"
else
    echo "Failed"
    exit 1
fi

API Integration

# Python example
import subprocess
import json

def run_goodhound(command):
    try:
        result = subprocess.run(['goodhound'] + command.split(),
                              capture_output=True, text=True)
        return result.stdout
    except Exception as e:
        print(f"Error: \\\\{e\\\\}")
        return None

Environment Variables

Variable	Description	Default
GOODHOUND_CONFIG	Configuration file path	~/.goodhound/config
GOODHOUND_HOME	Home directory	~/.goodhound
GOODHOUND_LOG_LEVEL	Logging level	INFO
GOODHOUND_TIMEOUT	Operation timeout	30s

Configuration File

# ~/.goodhound/config.yaml
version: "1.0"
settings:
  debug: false
  timeout: 30
  log_level: "INFO"

network:
  host: "localhost"
  port: 8080
  ssl: true

security:
  auth_required: true
  encryption: "AES256"

Examples

Basic Workflow

# 1. Initialize
goodhound init

# 2. Configure
goodhound config set host example.com

# 3. Connect
goodhound connect

# 4. Perform operations
goodhound list
goodhound create example

# 5. Cleanup
goodhound disconnect

Advanced Workflow

# Automated deployment
goodhound deploy \
  --config production.yaml \
  --environment prod \
  --verbose \
  --timeout 300

# Monitoring
goodhound monitor \
  --interval 60 \
  --alert-threshold 80 \
  --log-file monitor.log

Resources

Official Documentation

• Official Website
• Documentation
• API Reference

Community

• GitHub Repository
• Issue Tracker
• Community Forum

Tutorials

• Getting Started Guide
• Advanced Usage
• Best Practices

---

Last updated: 2025-07-05