AI-Powered Active Directory Attack Path Analysis
by ACH Research Division
AutoHound connects to your BloodHound CE instance, reads the Active Directory graph, and uses Claude AI to automatically find attack paths that lead to Domain Admin. It scores each path, maps it to MITRE ATT&CK, generates exploitation commands, and produces a full markdown report.
BloodHound shows you the map. AutoHound tells you the route.
| File | Description |
|---|---|
| AutoHound_Setup.exe | Full GUI installer — recommended |
| AutoHound.exe | CLI standalone |
- Download and run
AutoHound_Setup.exe - The installer detects Docker, Python, and BloodHound CE automatically
- Enter your Anthropic API key when prompted
- Done — start analyzing
autohound --input ./bloodhound_data/ --output ./reports/- Windows 10/11 x64
- Docker Desktop
- Anthropic API key — get one here
- BloodHound CE (GUI installer handles this)
AutoHound produces:
autohound_report.md— full attack path report with exploitation stepsattack_navigator_layer.json— MITRE ATT&CK Navigator layer
For authorized penetration testing and red team engagements only. Use only on systems you own or have explicit written permission to test. The authors accept no liability for unauthorized use.
© 2026 Gordon Prescott — ACH Research Division. All rights reserved.