Tool to deduplicate custom BloudHound queries from different datasets and merge them in one
customqueries.jsonfile.
BloodHound allows you to store custom queries in ~/.config/bloodhound/customqueries.json. Most pentester are then downloading a custom queries file from an external project. The issue? There are several projects offering very good queries files but they are all very different and complementary and BloodHound supports only one custom queries file. The solution? What if a tool would index all custom queries files, download them for you, remove duplicate queries and merge them all in one file you can use in BloodHound? That's what BQM offers, no more query file compromise, more AD compromise!
- Inventory many query datasets
- Fetch all query datasets
- Remove duplicate queries
- Merge all queries in one file
- List all available datasets
No install, just clone the repository and run! No dependencies, just pure Ruby.
git clone https://github.com/Acceis/bqm.git && cd bqm
ruby bin/bqm -h
See INSTALL for options with package managers.
Usage: bqm [options]
-o, --output-path PATH Path where to store the query file
-l, --list List available datasets
Example: bqm -o ~/.config/bloodhound/customqueries.json
Example:
$ bqm -o ~/.config/bloodhound/customqueries.json
[+] Fetching and merging datasets
[+] Removing duplicates
[+] All queries have been merged in /home/noraj/.config/bloodhound/customqueries.json
Datasets used by BQM are referenced in data/query-sets.json. They are coming from the following projects:
- ly4k/Certipy
- CompassSecurity/BloodHoundQueries
- hausec/Bloodhound-Custom-Queries
- awsmhacks/awsmBloodhoundCustomQueries
- porterhau5/BloodHound-Owned
- ZephrFish/Bloodhound-CustomQueries
- Scoubi/BloodhoundAD-Queries
- InfamousSYN/bloodhound-queries
- zeronetworks/BloodHound-Tools
- egypt/customqueries
- trustedsec/CrackHound
- aress31/bloodhound-utils
Made by Alexandre ZANNI (@noraj) for ACCEIS.
Logo made with DesignEvo.