ShareHound — building SMB share access graphs for BloodHound

A tool for automated collection and visualization of access rights to network SMB shares in the OpenGraph format compatible with BloodHound. It helps analyze which users and groups have access to domain shares, simplifying graph generation for attack paths and AD infrastructure audits.

Features: 📍 Generates JSON‑formatted graphs based on permissions of SMB resources . 📍 Supports NTLM and Kerberos authentication, as well as Pass‑the‑Hash authentication. 📍 Multithreaded scanning with BFS traversal and filtering via the ShareQL language. 📍 Two implementations: Python (easy to extend) and Go (large‑scale scans of 60 000+ hosts, checkpoint files, ZIP streaming). 📍 Supports CIDR ranges and target list files.

Unlike BloodHound Collectors, ShareHound focuses specifically on SMB resource permissions and exports data directly in OpenGraph format. The Go version outperforms standard collectors in scalability and resilience, while the Python implementation is easier to integrate and use in automation or scripting scenarios.

📎 Tool: https://github.com/p0dalirius/sharehound

💬 Discuss