How does ADscan reduce AD pentest time from 5 days to 2?

ADscan automates enumeration (saves 1-2 days), provides semi-guided exploitation paths (saves 1-2 days), and generates MITRE-mapped reports automatically (saves 0.5-1 day). The operator confirms all actions while ADscan handles the grunt work.

What's the difference between ADscan and PingCastle/Purple Knight?

PingCastle and Purple Knight are excellent risk assessment tools for IT teams. ADscan goes further by executing semi-guided exploitation, building complete attack chains, and outputting pentester-ready MITRE-mapped evidence for consulting deliverables.

How is ADscan different from Pentera?

Pentera is a GUI-based automated platform designed for IT teams to run simulations. ADscan is a CLI tool built for pentesters who need granular control over attack vectors, reproducible evidence, and detailed technical reporting for client deliverables.

Does ADscan work in air-gapped environments?

Yes. ADscan supports offline licenses and includes an optional on-premises license server for completely air-gapped deployments. All tools and wordlists are bundled locally.

What operating systems does ADscan support?

Currently Linux (Kali, Ubuntu, Debian, Parrot). Docker and Windows support are in the near-term roadmap. Design Partners get early access to new platform releases.

Can ADscan integrate with existing pentest workflows?

Yes. ADscan exports to JSON for integration with other tools, generates Word reports using your templates, and works alongside BloodHound, NetExec, and other standard AD pentest tools.

How much does ADscan cost for consulting companies?

PRO seats start at €997/year. Enterprise team packs (5/10/25 seats) include volume discounts, SSO, and priority support. POV Pass available at €249 per 14-day engagement for project-based testing.

What's included in the 14-day POV?

Full ADscan PRO features, setup assistance, Word report generation, and a debrief session with your team lead. No credit card required. Run in your non-production lab environment.

What is the difference between a POV and the Design Partner program?

POV is a 14-day lab evaluation to validate fit. Design Partner is a 90-day collaboration with direct support, early features and limited discounted pricing in exchange for an anonymous/public case.

Getting Started

Welcome to ADscan! This section will help you install and configure ADscan for your first Active Directory security assessment.

Authorization Required

ADscan is a powerful security tool. Only use it on systems you have explicit written authorization to test. Unauthorized use is illegal and unethical.

Installation Steps

Follow these steps in order to get ADscan running:

1. System Requirements

Verify your system meets the requirements

2. Installation

Install ADscan via pipx, pip, or binary

3. Quick Start

Run your first scan in under 5 minutes

What is ADscan?

ADscan is a professional Active Directory security scanner with an interactive TUI that automates:

Enumeration: Discover users, computers, groups, and domain controllers
Credential Attacks: AS-REP roasting, Kerberoasting, credential spraying
Post-Exploitation: DCSync, SAM/LSA dumping, DPAPI extraction
BloodHound Integration: Automatic collection and analysis of attack paths
Reporting: Organized workspace data for reporting and analysis

Key Features

Interactive TUI

Professional command-line interface with autocomplete, command history, and contextual help.

Two Operation Modes

Semi-automatic (auto=False) - Prompts before risky operations (production)
Automatic (auto=True) - Fast enumeration with minimal prompts (labs/CTFs)

Kali Linux (recommended)
Ubuntu/Debian 20.04+
Parrot OS
Any Linux with Python 3.8+ and Docker

Prerequisites

Before installing ADscan, ensure you have:

Linux operating system (root/sudo access)
Python 3.8 or higher
10+ GB free disk space
Docker and Docker Compose
Internet connection for installation

Quick Installation

If you're ready to install right now:

# Install via pipx (recommended)
pipx install adscan

# Install dependencies
sudo adscan install

# Start ADscan
adscan start

For detailed installation instructions, see the Installation Guide.

Learning Path

For CTF Players

✅ System Requirements
✅ Installation
✅ Quick Start
🎯 CTF Walkthrough - Auto-pwn HTB Forest

For Penetration Testers

✅ System Requirements
✅ Installation
✅ Quick Start
📚 Best Practices - Professional guidelines
📖 Command Reference - Complete command documentation

For Red Teamers

✅ Complete installation and quickstart
📚 Review Best Practices
🔍 Study Scanning Commands for stealth options
🔐 Master Credential Management

Getting Help

Need assistance?

Discord: discord.com/invite/fXBR3P8H74
GitHub Issues: github.com/ADscanPro/adscan/issues
Documentation: Browse the guides and command references
Troubleshooting: See Troubleshooting Guide

Next Steps

Ready to begin? Start with the System Requirements to verify your environment, then proceed to Installation.

Pro Version

ADscan PRO with advanced features (trust enumeration, ADCS exploitation, automated reporting) launches Q4 2025. Request a 14-day proof of value.