macOS
brew install azurehoundlocal Homebrew formula metadata
brew
Azure Data Exporter for BloodHound. Version 2.12.2 via Homebrew; verified 2026-06-15.
install
brew install azurehoundlocal Homebrew formula metadata
nix profile install nixpkgs#azurehoundnixpkgs package indexes · pkgs/by-name/az/azurehound/package.nix · source: api.github.com
overview
Azure Data Exporter for BloodHound
history
AzureHound is SpecterOps' Microsoft Azure data collector for BloodHound. It gathers Azure and Microsoft Entra ID relationship data so BloodHound users can reason about identity attack paths in cloud and hybrid environments.
AzureHound comes from the BloodHound/SpecterOps ecosystem, extending BloodHound collection beyond traditional Active Directory graph data into Azure tenant data. The official README identifies it as the BloodHound data collector for Microsoft Azure and the official tool for collecting Azure data for BloodHound Community Edition and BloodHound Enterprise.
The public repository provides Go source, release binaries, a rolling release tied to the main branch, and command help for listing tenant data or running a collection service.
Adoption follows BloodHound's security-operator audience rather than general Azure administration. The input package facts list Homebrew and Nix packages, which is typical for offensive-security and assessment tooling that needs reproducible workstation installs.
The README shows Azure CLI token reuse via `az account get-access-token`, making it convenient for operators who already authenticate with Microsoft's Azure CLI and want to export graph data without a separate browser flow.
Common usage is `azurehound list` with username/password, tenant, JWT, or refresh token options, optionally writing JSON output for BloodHound ingestion. `azurehound configure` and `azurehound start` support service-style collection for BloodHound Enterprise.
The command exposes a `--config` flag with a default config path under the user's config directory. Credential material is supplied through flags, tokens, certificates, or config rather than a separately documented universal credentials file.
For package nerds, AzureHound is a compact Go security CLI with release binaries and a rolling-release channel. It is notable less for broad package coverage than for being a high-signal dependency in BloodHound workflows where exact versioning and tenant-data compatibility matter.
It also illustrates a common packaging boundary in security tools: the package can install a binary, but the meaningful output is sensitive tenant graph data that belongs outside package-manager state.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.config/azurehound/config.jsonCredential-bearing paths to review before unattended agent runs.
C:\Users\Administrator.ROOT\.config\azurehound\key.pemC:\Users\Administrator.ROOT\.config\azurehound\cert.pemexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
azurehound | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/SpecterOps/AzureHound
install metadata
| Package key | brew:azurehound |
|---|---|
| Version | 2.12.2 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/azurehound |
| Homepage | https://github.com/SpecterOps/AzureHound |
| Repository | https://github.com/SpecterOps/AzureHound |
| Upstream docs | https://bloodhound.specterops.io/collect-data/ce-collection/azurehound |
| License | GPL-3.0-or-later |
| Source archive | https://github.com/SpecterOps/AzureHound/archive/refs/tags/v2.12.2.tar.gz |
| Last updated | 2026-06-15T19:10:06Z |
| Pulse | updated |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | azurehound |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
azurehound
nix profile install nixpkgs#azurehoundsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.