Active Directory is where most internal compromises happen and where most AI tools give up. Darkmoon runs the AD attack path autonomously and shows every step.
Why AD is hard for AI
AD attack paths are stateful and multi-step. A single prompt cannot hold the whole graph. You need an agent loop that enumerates, reasons and pivots while keeping state.
Playbooks as the state engine
In Darkmoon the AD methodology is a Markdown playbook you can read and fork. The agent follows it, the proxy keeps the state, and every tool call is explicit.
From foothold to domain
The agent enumerates with BloodHound-style logic, identifies attack paths, and executes them with real tools, attaching the output of each step.
Auditable by design
Because the method is a file and the execution is logged, a reviewer can follow exactly how the domain fell.
Try it
Run it on GOAD and read the generated attack path end to end.
- Repo (GPLv3): https://github.com/ASCIT31/Dark-Moon
- Docs: https://docs.dark-moon.org/
- Demo: https://youtu.be/1bFRVuMkZzY
Built by pentesters, open sourced for pentesters. Feedback on the methodology and the evidence trail is genuinely welcome.