Skip to content
ADscan Docs

LITE vs PRO

What ships in ADscan LITE, what PRO adds, and how to upgrade.

Overview

ADscan ships in three tiers:

  • LITE — free CLI engine. The full scan core, attack-path analysis, and operator workflow.
  • PRO — LITE plus the Client Deliverable Kit (four PDFs + ZIP) generated by adscan deliver.
  • Enterprise — continuous CTEM/BAS web service with weekly digests and team collaboration.

The LITE CLI is distributed under the Business Source License 1.1. PRO and Enterprise are commercial.

LITE — free CLI engine

CategoryFeatures
EnumerationDNS, LDAP, SMB, Kerberos, Nmap, delegations, privileges, MSSQL, ADCS, CVEs, GPP, trusts
Credential attacksAS-REP roasting, Kerberoasting, password spraying, SAM/LSA/DCSync, hash cracking
Attack-path graphNative LDAP graph collector + BloodHound-compatible JSON export per workspace
Attack graphsAlgorithmic attack-path generation, auto-exploitation chains
ADCSDetection, template enumeration, ESC1-16 auto-exploitation
Post-exploitationPost-DA enumeration, Backup/Account Operators escalation
OperationsThree modes (auto/semi/manual), CI/CD mode, workspaces
ExportTXT/JSON export, operator cheat-sheet PDF (adscan cheatsheet), MITRE ATT&CK Navigator layer (adscan mitre-navigator)

LITE ships eleven commands: start, ci, demo, tui, cheatsheet, mitre-navigator, welcome, check, install, update, version.

The technical_report.json export contains every finding ADscan surfaces — raw and machine-readable, yours to pipe into your own reporting (PwnDoc, custom templates, scripts). Turning it into a client-, board-, or auditor-ready deliverable by hand is hours per engagement; adscan deliver (PRO) produces the full kit in 90 seconds.

PRO — Client Deliverable Kit

PRO adds one command: adscan deliver. It generates the full Client Deliverable Kit in 90 seconds.

PDFAudienceUse case
Security Assessment ReportCISO / boardBoard-ready summary with Posture Score, findings, attack paths, and the ATT&CK lens
AD Hardening PlaybookSecurity team leadDeep remediation runbooks by finding ID, plus a 30-day prioritized plan
AD Control Coverage ReportBoard / auditVerified-clear control assurance: what ADscan tested, mapped to ENS Alto, NIS2, ISO 27001, DORA, and PCI DSS controls
MITRE ATT&CK Navigator bundleSOC / detectionInteractive ATT&CK layer + HTML viewer + diff vs the previous scan
# Full kit
adscan deliver --workspace acme.local --client "Acme Corp"

# Single PDF
adscan deliver --workspace acme.local --only playbook

# Subset
adscan deliver --workspace acme.local --only executive,checklist

Output: a ZIP at <workspace>/deliverables/<date>-adscan-kit.zip plus a manifest.json.

Full Client Deliverable Kit page

Enterprise — CTEM web

A web platform for continuous threat exposure management. Designed for CISOs and security teams who need ongoing visibility.

FeatureDetails
Continuous AD monitoringScheduled scans with drift detection
Web dashboardCentralized view of all domains
Risk scoring & trendsTrack security posture over time
Team collaborationMulti-user with role-based access
Priority support1:1 onboarding and dedicated support

Licensing

LITE is distributed under the Business Source License 1.1:

  • Read, use, and modify the code freely
  • Use for pentesting (personal or paid client engagements)
  • Cannot create a competing commercial product
  • Converts to Apache 2.0 on 2029-02-01

PRO and Enterprise are distributed under a separate commercial license.

Current availability

PRO is in beta. 30-day access is free for security consultants running real AD engagements — in exchange for honest feedback and a testimonial if it delivers. Request via [email protected] or adscanpro.com/pro.

Enterprise CTEM is in validation. We run a free live assessment in your environment (1-2h session via VPN) so you can see the platform in action before committing. Request via adscanpro.com/pov.

Find this useful?
Pass it to the next pentester running an AD engagement
Running 2+ AD engagements/year?
Get PRO free — beta access·Free in exchange for feedback
Automated PDF reports. Save ≥1 day per engagement.

ADscan — AD pentest automation for security consultants

LITE vs PRO | ADscan