BloodHound isn't found

BloodHound used in Pathfinder in StartingPoint was installed in pip.
    bash: bloodhound-python: The command isn’t found.
It’s indicated.

How should I do?

If you are confident you’ve installed it, you can try:

which bloodhound
locate bloodhound
find / -iname "bloodhound*" 2>/dev/null

to see if it is somewhere on your filesystem. If it isn’t, then it isn’t installed.

It has been just checked in locate bloodhound.

$ locate bloodhound

It was this. Can this be installed?
After that path was checked.

$ echo $PATH

Is it said that path isn’t passing?

What happens when you run either:
python /home/kali/.local/bin/bloodhound-python

kali@kali:~$ /home/kali/.local/bin/bloodhound-python
usage: bloodhound-python [-h] [-c COLLECTIONMETHOD] [-u USERNAME] [-p PASSWORD] [-k] [–hashes HASHES]
[-ns NAMESERVER] [–dns-tcp] [-d DOMAIN] [-dc HOST] [-gc HOST] [-w WORKERS] [-v]

Python based ingestor for BloodHound
For help or reporting issues, visit GitHub - fox-it/ A Python based ingestor for BloodHound

optional arguments:
-h, --help show this help message and exit
Which information to collect. Supported: Group, LocalAdmin, Session, Trusts, Default (all
previous), DCOnly (no computer connections), DCOM, RDP,PSRemote, LoggedOn, ObjectProps,
ACL, All (all except LoggedOn). You can specify more than one by separating them with a
comma. (default: Default)
-u USERNAME, --username USERNAME
Username. Format: username[@domain]; If the domain is unspecified, the current domain is
-p PASSWORD, --password PASSWORD
-k, --kerberos Use kerberos
–hashes HASHES LM:NLTM hashes
Alternative name server to use for queries
–dns-tcp Use TCP instead of UDP for DNS queries
-d DOMAIN, --domain DOMAIN
Domain to query.
-dc HOST, --domain-controller HOST
Override which DC to query (hostname)
-gc HOST, --global-catalog HOST
Override which GC to query (hostname)
-w WORKERS, --workers WORKERS
Number of workers for computer enumeration (default: 10)
-v Enable verbose output
–disable-pooling Don’t use subprocesses for ACL parsing (only for debugging purposes)

kali@kali:~$ python /home/kali/.local/bin/bloodhound-python
Traceback (most recent call last):
File “/home/kali/.local/bin/bloodhound-python”, line 5, in
from bloodhound import main
ImportError: No module named bloodhound

seems like the first one worked.

I thank. This problem was settled with this.
Also a pass was added.
export -n PATH=“$PATH:/home/kali/.local/bin”


$ bloodhound-python -d megacorp.local -u sandra -p “Password1234!” -gc pathfinder.megacorp.local -c all -ns
INFO: Found AD domain: megacorp.local
INFO: Connecting to LDAP server: Pathfinder.MEGACORP.LOCAL
Traceback (most recent call last):
File “/home/kali/.local/bin/bloodhound-python”, line 8, in
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/”, line 284, in main,
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/”, line 72, in run
self.pdc.prefetch_info(‘objectprops’ in collect, ‘acl’ in collect)
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/”, line 394, in prefetch_info
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/”, line 224, in get_objecttype
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/”, line 68, in ldap_connect
ldap =,
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/”, line 78, in getLDAPConnection
if not conn.bind():
File “/usr/lib/python3/dist-packages/ldap3/core/”, line 563, in bind
response = self.do_ntlm_bind(controls)
File “/usr/lib/python3/dist-packages/ldap3/core/”, line 1302, in do_ntlm_bind
request = bind_operation(self.version, ‘SICILY_RESPONSE_NTLM’, ntlm_client, result[‘server_creds’])
File “/usr/lib/python3/dist-packages/ldap3/operation/”, line 81, in bind_operation
server_creds = name.create_authenticate_message()
File “/usr/lib/python3/dist-packages/ldap3/utils/”, line 379, in create_authenticate_message
nt_challenge_response = self.compute_nt_response()
File “/usr/lib/python3/dist-packages/ldap3/utils/”, line 485, in compute_nt_response
response_key_nt = self.ntowf_v2()
File “/usr/lib/python3/dist-packages/ldap3/utils/”, line 497, in ntowf_v2
return, (self.user_name.upper() + self.user_domain).encode(‘utf-16-le’)).digest()
File “/usr/lib/python3.8/”, line 153, in new
return HMAC(key, msg, digestmod)
File “/usr/lib/python3.8/”, line 51, in init
raise TypeError(“Missing required parameter ‘digestmod’.”)
TypeError: Missing required parameter ‘digestmod’.

This seems not to be normally moving.
How should it be done?

I dont know.

It looks like it is missing a parameter in the request:
TypeError: Missing required parameter 'digestmod'.

Hello, thank you all for this post here. I had a similar problem, and I dont know exactly, what the solution was but a
locate bloodhound revealed:


So I tried the command
python3 -m bloodhound -d (domain) -u (user) -p “(password)” -gc (global-catalog host) -c all -ns (ip)

and it worked for me… Maybe it helps somebody…