How does ADscan reduce AD pentest time from 5 days to 2?

ADscan automates enumeration (saves 1-2 days), provides semi-guided exploitation paths (saves 1-2 days), and generates MITRE-mapped reports automatically (saves 0.5-1 day). The operator confirms all actions while ADscan handles the grunt work.

What's the difference between ADscan and PingCastle/Purple Knight?

PingCastle and Purple Knight are excellent risk assessment tools for IT teams. ADscan goes further by executing semi-guided exploitation, building complete attack chains, and outputting pentester-ready MITRE-mapped evidence for consulting deliverables.

How is ADscan different from Pentera?

Pentera is a GUI-based automated platform designed for IT teams to run simulations. ADscan is a CLI tool built for pentesters who need granular control over attack vectors, reproducible evidence, and detailed technical reporting for client deliverables.

Does ADscan work in air-gapped environments?

Yes. ADscan supports offline licenses and includes an optional on-premises license server for completely air-gapped deployments. All tools and wordlists are bundled locally.

What operating systems does ADscan support?

Currently Linux (Kali, Ubuntu, Debian, Parrot). Docker and Windows support are in the near-term roadmap. Design Partners get early access to new platform releases.

Can ADscan integrate with existing pentest workflows?

Yes. ADscan exports to JSON for integration with other tools, generates Word reports using your templates, and works alongside BloodHound, NetExec, and other standard AD pentest tools.

How much does ADscan cost for consulting companies?

PRO seats start at €997/year. Enterprise team packs (5/10/25 seats) include volume discounts, SSO, and priority support. POV Pass available at €249 per 14-day engagement for project-based testing.

What's included in the 14-day POV?

Full ADscan PRO features, setup assistance, Word report generation, and a debrief session with your team lead. No credit card required. Run in your non-production lab environment.

What is the difference between a POV and the Design Partner program?

POV is a 14-day lab evaluation to validate fit. Design Partner is a 90-day collaboration with direct support, early features and limited discounted pricing in exchange for an anonymous/public case.

Welcome to ADscan

Professional Active Directory security scanner with automated enumeration, exploitation, and reporting capabilities.

ADscan is a professional Active Directory security scanner with an interactive TUI that automates enumeration, exploitation, and post-exploitation on internal networks.

Current version: 2.3.0 LITE · Request 14-day PRO POV

LITE (available now)	PRO (Q4 2025)
Interactive TUI with history + autocomplete	Trust relationship auto-enum
Authenticated + unauthenticated scanning modes	ADCS ESC auto-exploitation
Kerberos attacks, BloodHound ingestion, credential dumping	Automated Word/PDF reporting + accelerated cracking
Workspace + credential management, CI commands	Enterprise-grade automation & support SLAs

Community & Support

🐙 GitHub: github.com/ADscanPro/adscan
💬 Discord: discord.com/invite/fXBR3P8H74
🌐 Website: adscanpro.com
📧 Enterprise: hello@adscanpro.com

Star the repo if ADscan helped your team and share results with the #adscan tag—feedback drives the roadmap. ⭐️

Welcome to ADscan

Quick Start

System Requirements

Installation

Quickstart Guide

CTF Walkthrough

Core Features

🚀 Auto-Pwn Workflow

⚙️ Guided Interactive TUI

🔄 Semi/Automatic Modes

🩺 BloodHound CE Integration

🔐 Built-in Post-Exploitation

Command Reference

Commands Overview

Workspace Management

Scanning Commands

Credential Management

Guides

All Guides

CTF Walkthrough

Best Practices

Troubleshooting

LITE vs. PRO Highlights

Community & Support

On this page