LITE vs PRO
What ships in ADscan LITE, what PRO adds, and how to upgrade.
Overview
ADscan ships in three tiers:
- LITE — free CLI engine. The full scan core, attack-path analysis, and operator workflow.
- PRO — LITE plus the Client Deliverable Kit (four PDFs + ZIP) generated by
adscan deliver. - Enterprise — continuous CTEM/BAS web service with weekly digests and team collaboration.
The LITE CLI is distributed under the Business Source License 1.1. PRO and Enterprise are commercial.
LITE — free CLI engine
| Category | Features |
|---|---|
| Enumeration | DNS, LDAP, SMB, Kerberos, Nmap, delegations, privileges, MSSQL, ADCS, CVEs, GPP, trusts |
| Credential attacks | AS-REP roasting, Kerberoasting, password spraying, SAM/LSA/DCSync, hash cracking |
| Attack-path graph | Native LDAP graph collector + BloodHound-compatible JSON export per workspace |
| Attack graphs | Algorithmic attack-path generation, auto-exploitation chains |
| ADCS | Detection, template enumeration, ESC1-16 auto-exploitation |
| Post-exploitation | Post-DA enumeration, Backup/Account Operators escalation |
| Operations | Three modes (auto/semi/manual), CI/CD mode, workspaces |
| Export | TXT/JSON export, operator cheat-sheet PDF (adscan cheatsheet), MITRE ATT&CK Navigator layer (adscan mitre-navigator) |
LITE ships eleven commands: start, ci, demo, tui, cheatsheet, mitre-navigator, welcome, check, install, update, version.
The technical_report.json export contains every finding ADscan surfaces — raw and machine-readable, yours to pipe into your own reporting (PwnDoc, custom templates, scripts). Turning it into a client-, board-, or auditor-ready deliverable by hand is hours per engagement; adscan deliver (PRO) produces the full kit in 90 seconds.
PRO — Client Deliverable Kit
PRO adds one command: adscan deliver. It generates the full Client Deliverable Kit in 90 seconds.
| Audience | Use case | |
|---|---|---|
| Security Assessment Report | CISO / board | Board-ready summary with Posture Score, findings, attack paths, and the ATT&CK lens |
| AD Hardening Playbook | Security team lead | Deep remediation runbooks by finding ID, plus a 30-day prioritized plan |
| AD Control Coverage Report | Board / audit | Verified-clear control assurance: what ADscan tested, mapped to ENS Alto, NIS2, ISO 27001, DORA, and PCI DSS controls |
| MITRE ATT&CK Navigator bundle | SOC / detection | Interactive ATT&CK layer + HTML viewer + diff vs the previous scan |
# Full kit
adscan deliver --workspace acme.local --client "Acme Corp"
# Single PDF
adscan deliver --workspace acme.local --only playbook
# Subset
adscan deliver --workspace acme.local --only executive,checklistOutput: a ZIP at <workspace>/deliverables/<date>-adscan-kit.zip plus a manifest.json.
Full Client Deliverable Kit page
Enterprise — CTEM web
A web platform for continuous threat exposure management. Designed for CISOs and security teams who need ongoing visibility.
| Feature | Details |
|---|---|
| Continuous AD monitoring | Scheduled scans with drift detection |
| Web dashboard | Centralized view of all domains |
| Risk scoring & trends | Track security posture over time |
| Team collaboration | Multi-user with role-based access |
| Priority support | 1:1 onboarding and dedicated support |
Licensing
LITE is distributed under the Business Source License 1.1:
- Read, use, and modify the code freely
- Use for pentesting (personal or paid client engagements)
- Cannot create a competing commercial product
- Converts to Apache 2.0 on 2029-02-01
PRO and Enterprise are distributed under a separate commercial license.
Current availability
PRO is in beta. 30-day access is free for security consultants running real AD engagements — in exchange for honest feedback and a testimonial if it delivers. Request via [email protected] or adscanpro.com/pro.
Enterprise CTEM is in validation. We run a free live assessment in your environment (1-2h session via VPN) so you can see the platform in action before committing. Request via adscanpro.com/pov.