Skip to content
ADscan Docs
ADscan PRO

ADscan PRO

Automated Active Directory pentest with MITRE-mapped compliance reports. Docker-based, self-hosted, zero data leaves your infrastructure.

PRO ACCESS· Beta Partner

This documentation is private. The Docker image is served from GitHub Container Registry — we grant your GitHub account read access, and your partner tag arrived in your onboarding email. Any issue → Discord or [email protected] — same-day response guaranteed.

ADscan PRO extends the open-source CLI with a professional report engine. Run the same AD pentest you already know — get a client-ready PDF and structured JSON out the other side.

What PRO adds

FeatureLITE (open source)PRO
AD enumeration + exploitation
Attack path generation
Raw JSON export
MITRE-mapped PDF report
Compliance mapper (ISO 27001 / ENS / DORA)
Executive summary section
Per-finding remediation roadmap
Attack path diagrams (Cytoscape)
Dark/light premium themes
--display-name for client branding
Re-report from existing workspace

Quick start

Supported compliance frameworks

KeyFrameworkPrimary use case
iso27001ISO/IEC 27001:2022Certification audits, MSSP quarterly compliance
ensENS Alto (CCN-CERT)Spanish public sector (default)
nis2NIS2 — EU Directive 2022/2555EU critical-infrastructure operators
doraDORA EU 2022/2554EU financial entities
pci_dssPCI DSS v4Card-handling environments

You can combine frameworks in a single report: --frameworks iso27001,dora

How it fits your workflow

ADscan PRO is designed for pentesters and MSSPs running compliance engagements.

The typical flow (interactive — recommended):

1. adscan start — interactive REPL, same flow you know from LITE
2. Walk each phase: recon → kerberos → ACL → attack-path collection → exploitation
3. deliver --display-name "Client Name" — packages 4 PDFs in 90 seconds
4. PDF → hand to client / attach to engagement report
5. JSON → ingest into your own reporting pipeline

For batched or scheduled runs, adscan ci provides a one-shot non-interactive variant (experimental — see Generate a Report).

The JSON output is structured and stable — designed to be parsed, not just read.

Support

Find this useful?
Pass it to the next pentester running an AD engagement
Running 2+ AD engagements/year?
Get PRO free — beta access·Free in exchange for feedback
Automated PDF reports. Save ≥1 day per engagement.

ADscan — AD pentest automation for security consultants

ADscan PRO | ADscan