Darkmoon: Open-Source AI Agent Automates Active Directory Penetration Testing
Darkmoon is a newly open-sourced (GPLv3) autonomous pentesting tool designed to tackle Active Directory attack paths, an area where most AI security tools fall short. The tool uses an agent loop that enumerates, reasons, and pivots across multi-step AD attack chains while maintaining state throughout the process. It follows a readable Markdown playbook and uses BloodHound-style logic to identify and execute attack paths with real tools, logging every step and its output. Because both the methodology and execution are fully transparent, security reviewers can trace exactly how a domain was compromised. Built by pentesters and released publicly, the project is available on GitHub with documentation and a demo video.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in