{"id":48644562,"url":"https://github.com/ADScanPro/adscan","last_synced_at":"2026-04-25T20:00:27.395Z","repository":{"id":302293175,"uuid":"1009711791","full_name":"ADScanPro/adscan","owner":"ADScanPro","description":"Free Active Directory pentesting tool and Linux CLI for AD enumeration, BloodHound, Kerberoasting, ADCS, DCSync, and attack paths.","archived":false,"fork":false,"pushed_at":"2026-04-15T15:12:07.000Z","size":13199,"stargazers_count":253,"open_issues_count":0,"forks_count":32,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-15T17:14:58.952Z","etag":null,"topics":["active-directory","active-directory-certificate-services","active-directory-exploitation","activedirectory","adcs","adscan","bloodhound","ctf","dcsync","enumeration","kerberoasting","kerberos","linux","penetration-testing","pentest","pentest-tool","pentesting","red-team","redteam","security-tools"],"latest_commit_sha":null,"homepage":"https://www.adscanpro.com/docs","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ADScanPro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-06-27T15:25:36.000Z","updated_at":"2026-04-15T15:12:11.000Z","dependencies_parsed_at":"2026-03-05T01:01:27.043Z","dependency_job_id":null,"html_url":"https://github.com/ADScanPro/adscan","commit_stats":null,"previous_names":["adscanpro/adscan"],"tags_count":41,"template":false,"template_full_name":null,"purl":"pkg:github/ADScanPro/adscan","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ADScanPro%2Fadscan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ADScanPro%2Fadscan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ADScanPro%2Fadscan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ADScanPro%2Fadscan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ADScanPro","download_url":"https://codeload.github.com/ADScanPro/adscan/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ADScanPro%2Fadscan/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32274982,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-25T18:29:39.964Z","status":"ssl_error","status_checked_at":"2026-04-25T18:29:32.149Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active-directory","active-directory-certificate-services","active-directory-exploitation","activedirectory","adcs","adscan","bloodhound","ctf","dcsync","enumeration","kerberoasting","kerberos","linux","penetration-testing","pentest","pentest-tool","pentesting","red-team","redteam","security-tools"],"created_at":"2026-04-10T01:00:38.670Z","updated_at":"2026-04-25T20:00:27.383Z","avatar_url":"https://github.com/ADScanPro.png","language":"Python","readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cimg width=\"740\" height=\"198\" alt=\"adscan_wordmark_horizontal_transparent_cropped\" src=\"https://github.com/user-attachments/assets/4902f205-d9bc-453e-b2ac-8c7d7fa2f329\" /\u003e\n\n# ADscan - Active Directory Pentesting CLI\n\n[![Version](https://img.shields.io/badge/version-7.2.0--lite-blue.svg)](https://github.com/ADscanPro/adscan/releases)\n[![downloads](https://static.pepy.tech/badge/adscan)](https://pepy.tech/projects/adscan)\n[![License: BSL 1.1](https://img.shields.io/badge/license-BSL%201.1-blue.svg)](https://github.com/ADscanPro/adscan/blob/main/LICENSE)\n[![Platform](https://img.shields.io/badge/platform-Linux-lightgrey.svg)](https://github.com/ADscanPro/adscan)\n[![Discord](https://img.shields.io/discord/1355089867096199300?color=7289da\u0026label=Discord\u0026logo=discord\u0026logoColor=white)](https://discord.com/invite/fXBR3P8H74)\n\n**Free Active Directory pentesting CLI for AD enumeration, BloodHound, Kerberoasting, ADCS, and attack paths.**\n\nADscan is a free Linux CLI for pentesters, red teamers, and security consultants who need one workflow for Active Directory enumeration, BloodHound collection, Kerberoasting, AS-REP roasting, ADCS checks, password spraying, DCSync, credential dumping, and evidence export.\n\nIt is built for real internal Active Directory assessments and labs, so you can go from unauthenticated recon to privilege escalation from one terminal instead of juggling isolated scripts, cheatsheets, and wrappers.\n\n**[Docs](https://adscanpro.com/docs?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=docs_cta)** | [Discord](https://discord.com/invite/fXBR3P8H74) | [Website](https://adscanpro.com)\n\n\u003c/div\u003e\n\n---\n\n## ๐ŸŽฌ Demo\n\n[![asciicast](https://asciinema.org/a/734180.svg)](https://asciinema.org/a/734180?autoplay=1)\n\n_Auto-pwns **HTB Forest** in ~3 minutes_\n\n---\n\n## ๐Ÿš€ Quick Start\n\n```bash\npipx install adscan\nadscan install\nadscan start\n```\n\n\u003e **Full installation guide \u0026 docs** at [adscanpro.com/docs](https://adscanpro.com/docs?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=install_cta)\n\n## ๐ŸŽฏ Why Pentesters Use ADscan\n\n- **Active Directory enumeration from one CLI:** DNS, LDAP, SMB, Kerberos, trust, ADCS, and BloodHound-ready collection in one workflow.\n- **Attack execution without tool-hopping:** Kerberoasting, AS-REP roasting, password spraying, GPP, DCSync, and credential workflows stay inside the same workspace.\n- **Built for real pentest cadence:** use it in internal AD audits, red team operations, HTB/VulnLab labs, and repeatable attack-path validation.\n- **Evidence-first output:** keep domain-scoped workspaces and export TXT/JSON artifacts for reports, retesting, or client handoff.\n\n## โšก Common Active Directory Pentest Workflows\n\nUse ADscan when you need to move quickly through internal Active Directory assessments:\n\n- **CTF and lab auto-pwn:** reproduce HTB Forest, Active, and Cicada attack chains from the docs.\n- **Unauthenticated AD recon:** discover domains, DNS, SMB exposure, null sessions, users, and roastable accounts.\n- **Authenticated enumeration:** collect LDAP, SMB, Kerberos, ADCS, BloodHound CE data, and credential exposure.\n- **Privilege escalation:** execute supported Kerberoasting, AS-REP Roasting, DCSync, GPP password, ADCS, and local credential workflows.\n- **Evidence handling:** keep workspaces isolated and export findings to TXT/JSON for reports.\n\n## ๐Ÿงญ Usage Examples\n\n```bash\nadscan start\nstart_unauth\n```\n\nMore walkthroughs:\n\n- [HTB Forest auto-pwn](https://adscanpro.com/docs/labs/htb/forest?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=ctf_forest)\n- [HTB Active walkthrough](https://adscanpro.com/docs/labs/htb/active?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=ctf_active)\n- [HTB Cicada walkthrough](https://adscanpro.com/docs/labs/htb/cicada?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=ctf_cicada)\n\n## ๐Ÿงช Developer Setup (uv)\n\nFor local development in this repository:\n\n```bash\nuv sync --extra dev\nuv run adscan --help\nuv run adscan version\n```\n\nQuality checks:\n\n```bash\nuv run ruff check adscan_core adscan_launcher adscan_internal\nuv run pytest -m unit\nuv run python -m build\n```\n\n---\n\n## โœจ Active Directory Attack Coverage\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd width=\"50%\"\u003e\n\n### LITE (Free, Source Available)\n\n**Everything a pentester could do manually, 10x faster:**\n- โœ… Three operation modes (automatic/semi-auto/manual)\n- โœ… DNS, LDAP, SMB, Kerberos enumeration\n- โœ… AS-REP Roasting \u0026 Kerberoasting\n- โœ… Password spraying\n- โœ… BloodHound collection \u0026 analysis\n- โœ… Credential harvesting (SAM, LSA, DCSync)\n- โœ… ADCS detection \u0026 template enumeration\n- โœ… GPP passwords \u0026 CVE enumeration\n- โœ… Export to TXT/JSON\n- โœ… Workspace \u0026 evidence management\n\n\u003c/td\u003e\n\u003ctd width=\"50%\"\u003e\n\n### PRO\n\n**What nobody can do manually in reasonable time:**\n- ๐ŸŽฏ Algorithmic attack graph generation\n- ๐ŸŽฏ Auto-exploitation chains (DNS to DA)\n- ๐ŸŽฏ ADCS ESC1-13 auto-exploitation\n- ๐ŸŽฏ MITRE-mapped Word/PDF reports\n- ๐ŸŽฏ Multi-domain trust spidering\n- ๐ŸŽฏ Advanced privilege escalation chains\n- ๐ŸŽฏ Priority enterprise support\n\n[Full comparison](https://adscanpro.com/docs/lite-vs-pro) | [Learn more](https://adscanpro.com?utm_source=github\u0026utm_medium=readme\u0026utm_campaign=pro_cta)\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n---\n\n## ๐Ÿ“‹ Requirements\n\n| | |\n|---|---|\n| **OS** | Linux (Debian/Ubuntu/Kali) |\n| **Docker** | Docker Engine + Compose |\n| **Privileges** | `docker` group or `sudo` |\n| **Network** | Internet (pull images) + target network |\n\n---\n\n## ๐Ÿ“œ License\n\nSource available under the [Business Source License 1.1](LICENSE).\n\n- **Use freely** for pentesting (personal or paid engagements)\n- **Read, modify, and redistribute** the source code\n- **Cannot** create a competing commercial product\n- **Converts to Apache 2.0** on 2029-02-01\n\n---\n\n## ๐Ÿ’ฌ Community\n\n\u003cdiv align=\"center\"\u003e\n\n[![Discord](https://img.shields.io/badge/Discord-Join%20Community-7289da?style=for-the-badge\u0026logo=discord\u0026logoColor=white)](https://discord.com/invite/fXBR3P8H74)\n[![GitHub Issues](https://img.shields.io/badge/GitHub-Report%20Bug-black?style=for-the-badge\u0026logo=github)](https://github.com/ADscanPro/adscan/issues)\n\n\u003c/div\u003e\n\n## ๐Ÿค Contributing\n\nBug reports, lab reproductions, command-output samples, and focused pull requests are welcome. See [CONTRIBUTING.md](CONTRIBUTING.md) and open an issue with your OS, Docker version, ADscan version, command, and sanitized output.\n\nEnterprise support: [hello@adscanpro.com](mailto:hello@adscanpro.com)\n\n---\n\n\u003cdiv align=\"center\"\u003e\n\n(c) 2024-2026 Yeray Martin Dominguez | [adscanpro.com](https://adscanpro.com)\n\n\u003c/div\u003e\n","funding_links":[],"categories":["Operating Systems"],"sub_categories":["Windows"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FADScanPro%2Fadscan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FADScanPro%2Fadscan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FADScanPro%2Fadscan/lists"}