DarkMoon brings AI-driven autonomous penetration testing to open source

DarkMoon is a new open-source platform that uses AI agents to run automated penetration testing workflows across web, network, Active Directory, Kubernetes, cloud, and application environments. The project combines a multi-agent AI layer with more than 50 security tools inside a Docker-based toolbox.

The platform is designed for authorized security testing, not casual scanning of unknown systems. Its main promise is repeatability: security teams can define a target, let the AI plan the assessment, and receive evidence-based findings without manually chaining every tool together.

The project’s GitHub repository describes DarkMoon as an autonomous AI pentesting engine that uses agentic reasoning, real exploit execution, and attack path analysis to produce proof-based vulnerabilities. It currently has 110 GitHub stars, 19 forks, and no published GitHub releases at the time of writing.

What DarkMoon does

DarkMoon acts as an orchestration layer for security assessments. The AI decides what to test next, while a controlled Model Context Protocol execution layer handles tool access and keeps commands inside the platform’s defined boundaries.

The architecture separates planning from execution. The AI reasons and delegates work, the MCP layer controls what can run, and the Docker toolbox executes security tools in isolation.

This matters because autonomous security tools carry real risk if they run without guardrails. DarkMoon’s design tries to reduce that risk by keeping the AI away from direct system execution and routing activity through a controlled interface.

At a glance

Category	Details
Project name	DarkMoon
Repository	ASCIT31/Dark-Moon
License	GPL-3.0
Main purpose	Autonomous AI-powered penetration testing
Execution model	AI planning, MCP-controlled execution, Docker toolbox isolation
Integrated tools	More than 50 security tools
Supported areas	Web, CMS, Active Directory, Kubernetes, GraphQL, network, and browser-based testing
LLM support	OpenAI, Anthropic, OpenRouter, Ollama, and llama.cpp

How the assessment flow works

When a target enters the platform, DarkMoon starts with discovery. It identifies open ports, services, protocols, application frameworks, content management systems, APIs, and other visible attack surface details.

The platform then chooses specialized sub-agents based on what it finds. For example, CMS-focused agents can handle WordPress, Drupal, Joomla, Magento, PrestaShop, and Moodle, while a Kubernetes agent can use Kubernetes-specific tools.

The goal is to move beyond a static scan. DarkMoon can adapt its next steps based on results, validate findings with evidence, and generate a structured report after the assessment.

Tools included in the Docker toolbox

The project ships with a Docker image that includes more than 50 tools. This gives the AI agent a ready-made testing environment without requiring users to configure every scanner or utility manually.

The toolset includes port scanners such as Naabu and Masscan, web testing tools such as Nuclei, ffuf, dirb, sqlmap, Arjun, and wafw00f, and reconnaissance tools such as Subfinder, Katana, Waybackurls, and httpx.

DarkMoon also includes CMS, Active Directory, Kubernetes, network, and browser-focused utilities, including WPScan, CMSeeK, WhatWeb, NetExec, BloodHound, Impacket scripts, kubectl, Kubescape, Kubeletctl, Hydra, curl, dig, SNMP tools, and Lightpanda.

Main agent categories

• CMS agents for platforms such as WordPress, Drupal, Joomla, Magento, PrestaShop, and Moodle.
• Stack-specific agents for PHP, Node.js, Flask, ASP.NET, Spring Boot, and Ruby on Rails.
• GraphQL agents for API-specific assessment workflows.
• Active Directory agents for internal network and identity-focused testing.
• Kubernetes agents for cluster and workload checks.
• Headless browser agents for cases where rendering or browser interaction is required.

Why security teams may be interested

DarkMoon fits a broader move toward AI-assisted security testing. Penetration testing still needs skilled humans, but AI orchestration can help teams scale repetitive discovery, scanning, validation, and reporting work.

DevSecOps teams may use this type of platform to run authorized checks after builds or before production changes. Bug bounty hunters and researchers may use it to speed up target mapping and triage, provided they stay inside program scope.

For organizations, the main value is consistency. A controlled AI workflow can apply the same assessment process across many assets, generate comparable reports, and reduce missed steps caused by manual handoffs.

Where caution is still needed

Autonomous penetration testing can create business and legal risk if teams do not define scope clearly. A misconfigured target, missing exclusion, or overly aggressive scan can affect systems that the tester does not own or control.

AI agents can also make wrong assumptions. A finding still needs human review before an organization treats it as confirmed risk, especially when the result affects production systems, compliance reporting, or customer data.

DarkMoon’s own design uses a controlled execution layer, but that does not remove the need for authorization, rate limits, logging, and change-control procedures.

Recommended safeguards before use

• Run DarkMoon only against systems you own or have written permission to test.
• Define target scope, exclusions, credentials, and testing intensity before starting an assessment.
• Use isolated test environments when evaluating the tool for the first time.
• Review every generated finding before sharing it as a confirmed vulnerability.
• Keep logs of tool execution, target scope, timestamps, and user approvals.
• Coordinate with system owners before running checks against production assets.
• Restrict access to LLM API keys, target credentials, and generated reports.
• Monitor outbound network activity from the Docker environment.

How it compares with traditional scanners

Area	Traditional scanner	DarkMoon-style AI workflow
Test planning	Usually rule-based or user-defined	AI plans next steps based on discovered context
Tool chaining	Often manual or scripted	Agents coordinate tools through the controlled execution layer
Adaptation	Limited to scanner logic	Can select sub-agents based on technology fingerprints
Reporting	Usually scanner-generated	Designed for structured, evidence-based assessment reports
Risk	False positives and noisy scans	False positives plus AI reasoning and scope-control risks

The bigger trend

DarkMoon reflects a wider shift in cybersecurity tooling. AI agents are moving from simple advisory roles into systems that can plan workflows, run tools, interpret results, and produce reports.

Research projects such as PentestGPT and newer autonomous testing frameworks have already shown strong interest in multi-agent and LLM-assisted penetration testing. DarkMoon brings that idea into an open-source toolchain built around real security utilities.

The direction is clear: more security testing will become automated and agent-driven. The challenge is making that automation safe, scoped, auditable, and useful for defenders rather than risky or noisy.

Summary

• DarkMoon is an open-source AI-powered autonomous penetration testing platform.
• It uses AI agents, an MCP-controlled execution layer, and a Docker toolbox.
• The toolbox includes more than 50 security tools for web, network, CMS, Active Directory, Kubernetes, and reconnaissance work.
• The platform supports cloud LLM providers and local model options.
• Its main value is repeatable, evidence-based assessment automation.
• Teams should use it only in authorized environments with clear scope and human review.

FAQ