├── LICENSE └── README.md /LICENSE: -------------------------------------------------------------------------------- 1 | END-USER LICENSE AGREEMENT (“EULA”) 2 | Version 1.0 – [01-Jul-2025] 3 | 4 | IMPORTANT: Read this EULA carefully before installing or using ADscan Lite (“Software”). 5 | By clicking “I Accept”, executing the Software, or otherwise using it, you (“Licensee”) 6 | agree to be bound by all terms. 7 | 8 | 1. GRANT OF LICENSE 9 | 1.1 Licensor: Yeray Martín Domínguez, Vitoria-Gasteiz (Spain). 10 | 1.2 License: Licensor grants Licensee a revocable, non-exclusive, non-transferable, 11 | worldwide, royalty-free right to install and run the Software **solely for 12 | internal security-assessment purposes, including paid pentesting services performed 13 | for third parties**. No ownership rights are conveyed. 14 | 15 | 2. RESTRICTIONS 16 | Licensee shall NOT, and shall not permit any third party to: 17 | a. copy, distribute, publish, sublicense, sell, rent, lease or host the Software; 18 | b. modify, adapt, translate, merge or create derivative works; 19 | c. reverse engineer, decompile, disassemble, or otherwise attempt to derive 20 | source code or underlying ideas, except to the extent such activity is expressly 21 | permitted by applicable law notwithstanding this limitation; 22 | d. remove proprietary notices, trademarks or labels; 23 | e. use the Software to develop or enhance a competing product or service. 24 | 25 | 3. INTELLECTUAL PROPERTY 26 | All right, title and interest in and to the Software and any copies thereof remain 27 | with Licensor. The Software is protected by copyright laws and international treaties. 28 | 29 | 4. UPDATES & SUPPORT 30 | Licensor may provide Updates at its sole discretion. Any Update is governed by this 31 | EULA unless a separate license accompanies it. 32 | 33 | 5. WARRANTY DISCLAIMER 34 | THE SOFTWARE IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 35 | INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR 36 | PURPOSE, AND NON-INFRINGEMENT. :contentReference[oaicite:13]{index=13} 37 | 38 | 6. LIMITATION OF LIABILITY 39 | IN NO EVENT WILL LICENSOR BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL OR 40 | CONSEQUENTIAL DAMAGES, OR FOR ANY LOSS OF PROFITS, DATA, OR BUSINESS, ARISING OUT OF 41 | OR RELATING TO THIS EULA OR USE OF THE SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY 42 | OF SUCH DAMAGES. 43 | 44 | 7. TERMINATION 45 | This EULA terminates automatically if Licensee breaches any provision. Upon termination 46 | Licensee must destroy all copies of the Software. Sections 3, 5, 6 and 9 survive. 47 | 48 | 8. EXPORT & COMPLIANCE 49 | Licensee shall comply with all applicable export-control and sanctions regulations. 50 | 51 | 9. GOVERNING LAW & VENUE 52 | This EULA is governed by the laws of Spain. Any dispute shall be resolved exclusively 53 | in the courts of Santa Cruz de Tenerife. 54 | 55 | 10. ENTIRE AGREEMENT 56 | This EULA constitutes the entire agreement and supersedes all prior understandings. 57 | 58 | © 2025 Yeray Martín Domínguez – adscanpro.com – hello@adscanpro.com 59 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ADscan 2 | 3 |
4 | 5 | ADscan Logo 6 | 7 | [![Version](https://img.shields.io/badge/version-3.1.2--lite-blue.svg)](https://github.com/ADscanPro/adscan/releases) 8 | [![downloads](https://static.pepy.tech/badge/adscan)](https://pepy.tech/projects/cai-adscan) 9 | [![License](https://img.shields.io/badge/license-EULA-red.svg)](https://github.com/ADscanPro/adscan/blob/main/LICENSE) 10 | [![Platform](https://img.shields.io/badge/platform-Linux-lightgrey.svg)](https://github.com/ADscanPro/adscan) 11 | [![Python](https://img.shields.io/badge/python-3.8+-blue.svg)](https://www.python.org/downloads/) 12 | [![Discord](https://img.shields.io/discord/1355089867096199300?color=7289da&label=Discord&logo=discord&logoColor=white)](https://discord.com/invite/fXBR3P8H74) 13 | 14 | **[📚 Complete Documentation → adscanpro.com/docs](https://adscanpro.com/docs?utm_source=github&utm_medium=readme&utm_campaign=docs_cta)** • [Discord](https://discord.com/invite/fXBR3P8H74) 15 | 16 |
17 | 18 | --- 19 | 20 | ## 🎬 Demo 21 | 22 | [![asciicast](https://asciinema.org/a/734180.svg)](https://asciinema.org/a/734180?autoplay=1) 23 | 24 | _Auto-pwns **HTB Forest** in ~3 minutes_ 🚀 25 | 26 | --- 27 | 28 | ## 🎯 Overview 29 | 30 | **ADscan** is an interactive CLI that automates and orchestrates Active Directory pentesting workflows. It helps teams ship internal AD engagements faster by reducing manual glue-work (tool handoffs, copy/paste, evidence collection, reporting). 31 | 32 | ### Operation Modes 33 | 34 | - 🤖 **Automatic** (`auto=True`, labs/CTF): minimal prompts, fast flow 35 | - 🤝 **Semi-automatic** (`auto=False`, internal/prod): prompts before risky actions 36 | - 🎮 **Manual**: full operator control 37 | 38 | ### Why ADscan? 39 | 40 | - 🚀 **Auto-pwns retired HTB machines** in minutes (Forest, Active, Cicada) 41 | - ⚡ **Save time**: less glue-work, more repeatable workflows 42 | - 🎮 **Built for pentesters**: CLI-first, designed for operators 43 | - 🧾 **Evidence packaging**: workspace outputs + report templates 44 | 45 | > **Try ADscan PRO** — Request a **FREE 30-Day POV (first 5 teams)** at [adscanpro.com](https://adscanpro.com/?utm_source=github&utm_medium=readme&utm_campaign=lite_cta) 46 | > 47 | > **🔥 30-Day POV — COMPLETELY FREE (First 5 Teams Only):** 48 | > - **⚡ LIMITED**: Only **5 FREE POV slots** available 49 | > - **Duration**: 1 internal AD pentest project 50 | > - **Team**: Up to 5 pentesters 51 | > - **Pricing**: **100% FREE** for first 5 teams (after that: €497 + VAT standard) 52 | > - **Includes**: 53 | > - Modes: automatic / semi-automatic / manual 54 | > - 1:1 onboarding (60-90 min) + priority support 55 | > - MITRE-mapped report templates 56 | > - **📊 In exchange**: Measured case study (baseline vs ADscan) + honest testimonial + detailed feedback 57 | > - **Zero risk**: If it doesn't deliver results (≥1 credential OR ≥1 day saved), simply walk away—no strings attached 58 | 59 | --- 60 | 61 | ## ✨ Features 62 | 63 | 64 | 65 | 79 | 94 | 95 |
66 | 67 | ### 🔓 LITE (Free) 68 | 69 | **Core capabilities:** 70 | - ✅ Three operation modes (automatic/semi-automatic/manual) 71 | - ✅ Unauthenticated & authenticated reconnaissance 72 | - ✅ Kerberos exploitation (AS-REP, Kerberoast) 73 | - ✅ BloodHound integration & analysis 74 | - ✅ Credential harvesting (SAM, LSA, DCSync) 75 | - ✅ Workspace & evidence management 76 | - ✅ Community Discord support 77 | 78 | 80 | 81 | ### 🔒 PRO (Coming Q4 2025) 82 | 83 | **Planned enhancements:** 84 | - 🎯 Trust relationship autonomous enumeration 85 | - 🎫 ADCS ESC auto-exploitation 86 | - 📄 MITRE-mapped Word/PDF reports (auto-generated) 87 | - ☁️ Cloud-accelerated hash cracking 88 | - 🔍 CVE/misconfig autonomous scanning 89 | - 🤖 Advanced automated attack chains 90 | - 🏢 Priority enterprise support 91 | - 🚀 LLM-enhanced strategic reasoning (Gen2) 92 | 93 |
96 | 97 | --- 98 | 99 | ## 📋 Requirements 100 | 101 | | Requirement | Details | 102 | |------------|---------| 103 | | **OS** | Linux (Debian/Ubuntu/Kali and other Debian-based distros) | 104 | | **Privileges** | Root access required | 105 | | **Python** | 3.8+ (managed automatically with binary) | 106 | | **Network** | Internet for installation, target network access | 107 | 108 | --- 109 | 110 | ## 🚀 Quick Install 111 | 112 | ```bash 113 | # Install via pipx (recommended) 114 | pipx install adscan 115 | 116 | # Install dependencies 117 | adscan install 118 | 119 | # Start ADscan 120 | adscan start 121 | ``` 122 | 123 | > **📚 Complete installation guide, quick start, and full documentation → [adscanpro.com/docs](https://adscanpro.com/docs?utm_source=github&utm_medium=readme&utm_campaign=install_cta)** 124 | 125 | --- 126 | 127 | ## 🤖 CI/CD Mode 128 | 129 | ADscan supports non-interactive mode for automated testing. 130 | 131 | > **📚 Complete CI/CD documentation and examples → [adscanpro.com/docs](https://adscanpro.com/docs?utm_source=github&utm_medium=readme&utm_campaign=cicd_cta)** 132 | 133 | --- 134 | 135 | ## 🏆 Tested On 136 | 137 | | Provider | Machine | Status | 138 | |----------|---------|--------| 139 | | Hack The Box | Forest (Retired) | ✅ Auto-pwned in ~3min | 140 | | Hack The Box | Active (Retired) | ✅ Auto-pwned | 141 | | Hack The Box | Cicada (Retired) | ✅ Auto-pwned | 142 | 143 | > **Contribute:** If you auto-pwn labs with ADscan, [open a PR](https://github.com/ADscanPro/adscan/pulls) to add them to the matrix! 144 | 145 | --- 146 | 147 | ## 🔒 Security & Privacy 148 | 149 | - **Telemetry**: Opt-in by default (toggle with `set telemetry off`) 150 | - **No sensitive data**: Only anonymized error data and feature usage 151 | - **Local-first**: All data stored in `~/.adscan/workspaces/` 152 | 153 | --- 154 | 155 | ## 📚 Documentation 156 | 157 | **All documentation, guides, walkthroughs, and command references are available at:** 158 | 159 | ### **[→ adscanpro.com/docs](https://adscanpro.com/docs?utm_source=github&utm_medium=readme&utm_campaign=docs_section)** 160 | 161 | Includes installation guides, quick start, complete command reference, CTF walkthroughs, lab guides, best practices, and more. 162 | 163 | --- 164 | 165 | ## 💬 Community & Support 166 | 167 |
168 | 169 | [![Discord](https://img.shields.io/badge/Discord-Join%20Community-7289da?style=for-the-badge&logo=discord&logoColor=white)](https://discord.com/invite/fXBR3P8H74) 170 | [![GitHub](https://img.shields.io/badge/GitHub-Report%20Bug-black?style=for-the-badge&logo=github)](https://github.com/ADscanPro/adscan/issues) 171 | [![Website](https://img.shields.io/badge/Website-adscanpro.com-blue?style=for-the-badge&logo=google-chrome&logoColor=white)](https://adscanpro.com) 172 | 173 |
174 | 175 | **Need help?** 176 | - 💬 Chat on [Discord](https://discord.com/invite/fXBR3P8H74) 177 | - 🐛 Report bugs via [GitHub Issues](https://github.com/ADscanPro/adscan/issues) 178 | - 📧 Enterprise support: [hello@adscanpro.com](mailto:hello@adscanpro.com) 179 | - 📚 **[Complete documentation → adscanpro.com/docs](https://adscanpro.com/docs?utm_source=github&utm_medium=readme&utm_campaign=support_cta)** 180 | 181 | --- 182 | 183 | ## 🎓 Presented At 184 | 185 | > **Announcement:** ADscan was presented at **Hackén 2025** cybersecurity conference. 186 | 187 | --- 188 | 189 | ## 📜 License 190 | 191 | © 2025 Yeray Martín Domínguez — Released under custom EULA 192 | ADscan LITE 3.1.2 | PRO edition: Q4 2025 193 | 194 | --- 195 | 196 |
197 | 198 | **⭐ Star this repo if ADscan helped you!** | **🔗 Share with [#adscan](https://twitter.com/search?q=%23adscan)** 199 | 200 | Made with ❤️ for the pentesting community 201 | 202 |
203 | --------------------------------------------------------------------------------