Pentesting Tools

Ansible Role : Bloodhound-CE (Ludus) – A Quick Deployment Guide

An Ansible Role that installs Bloodhound-CE on a debian based system.

  • Checks if {{ ludus_bloodhound_ce_install_path }}/docker-compose.yml exists
  • If not, it installs vanilla bloodhound-ce (via docker-compose)
  • Outputs the admin password in bloodhound_ce_install_path (default: /opt/bloodhound)

To force the role to re-run, stop the docker container and remove the ludus_bloodhound_ce_install_path folder

cd /opt/bloodhound
docker compose down
cd ..
rm -rf /opt/bloodhound

Requirements

Debian based OS

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

# Path where docker-compose.yml and admin creds are placed
ludus_bloodhound_ce_install_path: /opt/bloodhound
# Expose bloodhound web UI to 0.0.0.0:8080 if set to false (default: true)
ludus_bloodhound_listen_only_localhost: true
# The port bloodhound CE listens on
ludus_bloodhound_port: "8080"
# The default admin password for bloodhound (default: generate a random password)
ludus_bloodhound_admin_password:
# Other admin details defaults
ludus_bloodhound_admin_principal_name: 'admin'
ludus_bloodhound_admin_email_address: 'email@bloodhound.ludus'
ludus_bloodhound_admin_first_name: 'Bloodhound'
ludus_bloodhound_admin_last_name: 'Admin'

Dependencies

geerlingguy.docker

Example Ludus Range Config

ludus:
  - vm_name: "{{ range_id }}-docker-services"
    hostname: "{{ range_id }}-services"
    template: debian-12-x64-server-template
    vlan: 99
    ip_last_octet: 2
    ram_gb: 8
    cpus: 2
    linux: true
    testing:
      snapshot: false
      block_internet: false
    roles:
      - badsectorlabs.ludus_bloodhound_ce
    role_vars:
      ludus_bloodhound_listen_only_localhost: false

ludus:

  • vm_name: “{{ range_id }}-docker-services” hostname: “{{ range_id }}-services” template: debian-12-x64-server-template vlan: 99 ip_last_octet: 2 ram_gb: 8 cpus: 2 linux: true testing: snapshot: false block_internet: false roles:
    • badsectorlabs.ludus_bloodhound_ce
      role_vars:
      ludus_bloodhound_listen_only_localhost: false
ludus ansible roles add badsectorlabs.ludus_bloodhound_ce
ludus range config get > config.yml
# Edit config to add the role to the VMs you wish to install bloodhound on and define your desired ludus_bloodhound_ce vars
ludus range config set -f config.yml
ludus range deploy -t user-defined-roles
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: Ansible Rolecybersecurityinformationsecuritykalilinuxkalilinuxtools
2 years ago

Recent Posts

Modrinth – A Comprehensive Overview of Tools and Functions

Modrinth is a modern platform that’s rapidly changing the landscape of Minecraft modding, providing an…

7 hours ago

BlackSanta Malware A Stealthy Threat Targeting Recruiters and HR Teams

A new, highly sophisticated malware campaign named BlackSanta has emerged, primarily targeting HR and recruitment…

8 hours ago

Perplexity Launches Personal Computer Features

Perplexity has unveiled an exciting new feature, Personal Computer, which allows AI agents to seamlessly…

15 hours ago

Cyberattack or Smoke and Mirrors? The Truth Behind the Alleged Dimona Nuclear Breach

In a recent cyber incident, a group named CARDINAL, associated with the label Russian Legion,…

1 day ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

5 days ago

Best Linux Distros in 2026

Linux is renowned for its versatility, open-source nature, and security. Whether you're a beginner, developer,…

5 days ago