Summary

DarkMoon is an open-source, AI-powered autonomous penetration testing platform automating continuous offensive security assessments across web, cloud, Active Directory, and Kubernetes. It targets security teams and DevSecOps engineers, offering a scalable, consistent, and cost-effective alternative to manual testing through agentic reasoning and real exploit execution.

How It Works

DarkMoon orchestrates specialized AI security agents aligned with ISO 27001, NIST SP 800-115, and MITRE ATT&CK. It discovers targets, fingerprints technologies, models attack surfaces, and deploys agents (e.g., for CMS, AD, Kubernetes) for adaptive vulnerability scanning. All actions are funneled through a controlled MCP (Master Control Program) interface, executing tools within an isolated Docker toolbox for security by design. Findings are validated with evidence and compiled into structured reports.

Quick Start & Requirements

• Installation: Clone (git clone https://github.com/ASCIT31/Dark-Moon.git), cd Dark-Moon, then run ./install.sh for configuration and build.
• Prerequisites: Docker, Docker Compose, and an LLM API key (OpenRouter, Anthropic, OpenAI, or local models) are required.
• Environment: Detailed GPU/driver setup is in the Full Documentation.
• Run: ./darkmoon.sh "TARGET: example.com".

Highlighted Details

• Integrates 50+ security tools (Nuclei, NetExec, BloodHound, sqlmap, etc.) in a Docker image.
• Features an adaptive multi-agent methodology for diverse targets (Web, AD, Kubernetes, CMS, etc.).
• Automates structured, evidence-based vulnerability reporting.
• Adheres to ISO 27001, NIST SP 800-115, and MITRE ATT&CK methodologies.

Maintenance & Community

Contributions are welcomed via CONTRIBUTING.md. Specific maintainer or community channel details are not provided in the README.

Licensing & Compatibility

Licensed under GNU General Public License v3.0 (GPL v3). This strong copyleft license requires derivative works to also be GPL v3, potentially restricting commercial use or integration with closed-source projects.

Limitations & Caveats

Functionality depends on LLM API availability and configuration. Setup requires Docker proficiency and potentially complex GPU/driver configurations. The GPL v3 license imposes significant obligations on modifications and distribution.