BloodyAD FAQs

Question 1

What is BloodyAD and what is its primary purpose?

Accepted Answer

BloodyAD is an AI assistant-integrated tool that automates Active Directory enumeration, extraction, and abuse. It acts as a wrapper for the powerful `bloodyAD` CLI, enabling security professionals to perform complex AD operations directly from AI frontends like Claude Desktop or Gemini-CLI via the Model Context Protocol (MCP).

Question 2

How does BloodyAD integrate with AI assistants?

Accepted Answer

BloodyAD functions as an MCP server, exposing `bloodyAD` commands as simple Python functions. This allows any MCP-compatible AI assistant to directly invoke these functions for Active Directory tasks, streamlining security testing without manual CLI execution.

Question 3

What types of Active Directory operations can BloodyAD perform?

Accepted Answer

BloodyAD offers extensive capabilities, including retrieving LDAP object attributes, listing child objects, managing object ownership and attributes, changing user/computer passwords, adding various AD elements (users, computers, DNS records, DCSync, GenericAll, RBCD, Shadow Credentials), and removing AD objects or delegations.

Question 4

What are the essential prerequisites for setting up BloodyAD?

Accepted Answer

To use BloodyAD, you need Docker Desktop with the MCP Toolkit enabled, an MCP-compatible AI assistant (e.g., Gemini-CLI, Claude Desktop), internet access during Docker image build, VPN/network access to the target Active Directory Domain Controller, and `jq` installed if you're on Linux.

Question 5

Are credentials handled securely when using BloodyAD?

Accepted Answer

Yes, security is a priority. Credentials are passed directly with each command and are not stored or logged by the BloodyAD server. Additionally, the server operates as a non-root user within a Docker container, enhancing overall security posture.

BloodyAD

소개

주요 기능

사용 사례