Install ADscan LITE, run your first scan, and choose the right path for labs vs real internal AD engagements.

Welcome to ADscan. This section gets you from “fresh box” to “first useful output” fast—without losing an hour to setup, copy/paste, and tool orchestration.

Authorization Required

ADscan is a powerful security tool. Only use it on systems you have explicit written authorization to test. Unauthorized use is illegal and unethical.

Installation Steps

Follow these steps in order to get ADscan running:

1. System Requirements

Verify your system meets the requirements

What is ADscan?

ADscan is a professional Active Directory security scanner with an interactive CLI that automates:

Enumeration: Discover users, computers, groups, and domain controllers
Credential Attacks: AS-REP roasting, Kerberoasting, credential spraying
Post-Exploitation: DCSync, SAM/LSA dumping, DPAPI extraction
Attack-Path Analysis: Native graph collector with BloodHound-compatible JSON export
Reporting: Organized workspace data for reporting and analysis

Key Features

Interactive CLI

Professional command-line interface with autocomplete, command history, and contextual help.

Two Operation Modes

Semi-automatic (auto=False) - Prompts before risky operations (production)
Automatic (auto=True) - Fast enumeration with minimal prompts (labs/CTFs)

Workspace Isolation

Each target domain gets its own workspace with isolated credentials, scan output, and attack-path graphs.

ADscan ships a native LDAP-based graph collector that materialises attack paths directly inside the container. The output is written as a BloodHound-compatible attack_graph.json per workspace — bring your own BloodHound CE instance if you want the graph UI, or read paths straight from the ADscan CLI with attack_paths.

Supported Platforms

ADscan runs on:

Debian 11, 12
Ubuntu 22.04 LTS, 24.04 LTS
Parrot OS 6.1, 6.3, 7.0
Kali Linux 2024.3, 2025.1, 2025.2, 2025.3, 2025.4 (recommended)

Architecture:

Linux x86_64 / amd64 is currently supported for launcher runtime commands.

Not supported (yet):

macOS (launcher runtime commands are Linux-only)
Windows (native launcher runtime commands are Linux-only)
Linux arm64 / aarch64 for Docker-mode runtime commands
Kali Linux ≤ 2024.2 (older baselines often cause issues; not recommended)
Arch-based distributions (Arch, Manjaro, Garuda, etc.)
RPM-based distributions (Fedora, RHEL, CentOS, Rocky/AlmaLinux, etc.)

Prerequisites

Before installing ADscan, ensure you have:

Linux operating system
15+ GB free disk space
Docker Engine (docker)
Internet connection for installation

Quick Installation

If you're ready to install right now:

# Install via pipx (recommended)
pipx install adscan

# Pull the ADscan image
adscan install

# Start ADscan
adscan start

ADscan does not require running every command under sudo. If your user cannot access the Docker daemon, fix that once (add user to docker group) instead of running everything as root.

For detailed installation instructions, see the Installation Guide.

Learning Path

For CTF Players

✅ System Requirements
✅ Installation
✅ Quick Start
🎯 HTB Forest Lab - Auto-walkthrough

For Penetration Testers

✅ System Requirements
✅ Installation
✅ Quick Start
📚 Best Practices - Professional guidelines
📖 Command Reference - Complete command documentation

For Red Teamers

✅ Complete installation and quickstart
📚 Review Best Practices
🔍 Study Scanning Commands for stealth options
🔐 Master Credential Management

Getting Help

Need assistance?

Discord: discord.com/invite/fXBR3P8H74
GitHub Issues: github.com/ADscanPro/adscan/issues
Documentation: Browse the guides and command references
Troubleshooting: See Troubleshooting Guide

Next Steps

Ready to begin? Start with the System Requirements to verify your environment, then proceed to Installation.

💼 Running 2+ internal AD engagements/year? Request PRO beta access — use it on a real engagement, validate the reporting workflow, share feedback. Beta access is free.

🚀 Getting Started