Query File Location
Import Community Query Lists
Download and apply ZephrFish’s BloodHound Custom Queries.customqueries.json to download from that repo.
Merge multiple query files with jq.
BloodHound CE — Import via UI API
Create a saved query in BloodHound CE via API. Use POST to create (PUT is only for updating an existing query at/saved-queries/{id}). The CE API takes a single query object (name, query, description) — it does not accept the legacy customqueries.json schema, so you must send one query at a time.
Custom Query File Format
Useful Community Lists
| Repository | Focus |
|---|---|
| ZephrFish/Bloodhound-CustomQueries | General purpose |
| ly4k/BloodHound | Extended queries |
| mgeeky/Penetration-Testing-Tools | Offensive focused |
| CompassSecurity/BloodHoundQueries | Compass Security |