Adversary-focused cybersecurity provider SpecterOPS has released a new version of its open source penetration testing software BloodHound to help open source users with a stack of new features.\n\nDubbed BloodHound Community Edition (CE), version 5.0 of BloodHound, includes a suite of new capabilities, a few of which are also being uploaded to BloodHound Enterprise, SpecterOps\u2019 commercial enterprise-grade defensive product.\n\n\u201cWe\u2019re releasing BloodHound CE as a \u2018thank you\u2019 to our community users for their amazing support,\u201d said Andy Robbins, principal product architect at SpecterOps and a co-creator of BloodHound. \u201cSpecterOps strongly believes in supporting the security community, and with BloodHound CE we\u2019re taking many of the improvements we developed in BloodHound Enterprise and bringing them back to the open source community.\u201d\n\nBloodHound CE will be available on August 8 in early access and the company is showcasing the new capabilities at the Black Hat conference on August 9.\n\nOpen source version receives deployment and API updates\n\nBloodHound CE will be available as a three-tiered application with a database, an API layer, and a web-based user interface. With the new version, open source users will be able to use Representational State Transfer (REST) APIs to interact with data rather than needing to write queries directly to the database.\n\nBloodHound CE will also deploy as a containerized product, with a claimed reduction of 80% in deployment time.\n\n\u201cPreviously, users needed to manually download and install the individual components of BloodHound, including a specific version of a specific graph database management system,\u201d Robbins said. \u201cThis was a complicated process that could take hours. Now, everything needed to run BloodHound CE is packaged in a container so the correct versions of all necessary software will download and install with a single click.\u201d\n\nThe containerized deployment will also enable enterprise-grade user management with multiuser support through role-based access control (RBAC).\n\nOther features include community support and custom queries\n\nThe changes made in the new version will allow SpecterOps to increase the rate of updates and will also increase the number of pull requests from the community that can be implemented, according to the company.\n\n\u201cRight now, BloodHound and BloodHound Enterprise have different code bases, so updates and new features need to be done separately for each,\u201d said Robbins. \u201cAfter this update, the code for both products will be very similar, so updates and new features can be written once and applied to both products.\u201d\n\n\u201cThis will save a great deal of time for the SpecterOps team, which will allow them to implement more changes requested by BloodHound users. The pace of future updates to BloodHound will increase,\u201d he added.\n\nBloodHound Enterprise users will now be able to write custom Cypher queries to explore their active directory (AD) environments with safeguards in place, borrowed from Bloodhound CE, to prevent queries from accidentally causing security or performance issues. All the previous versions of BloodHound (everything before v5.0) will be referred to as \u201cBloodHound Legacy\u201d and will remain available, the company added.