Darkmoon is an autonomous penetration testing platform designed to automate offensive security campaigns using artificial intelligence. The system coordinates 18 specialized AI agents and integrates with over 80 security tools, enabling it to model attack surfaces, reason about targets, and execute full-stack exploitation without manual intervention. Its master agent detects 14 technology signals, routing campaigns to the appropriate specialist agents, and supports sequential or parallel operations with controlled recursion depth. The platform is positioned as a security conductor rather than a traditional scanner, focusing on validated, evidence-backed findings.
For real-time monitoring, Darkmoon features a live SSE dashboard that streams every finding, infrastructure node, and agent event as they occur. It exports publication-ready reports in ISO 27001, HackerOne, and Bugcrowd formats, supporting both Markdown and branded, password-protected PDF outputs. 1 scoring and MITRE ATT&CK mapping. The platform covers a wide range of offensive security phases, including web and API exploitation (such as SQLi, XSS, SSRF, RCE, and more), Kubernetes attack chains (including RBAC escalation and node escape), and Active Directory takeover techniques (such as AS-REP roasting, Kerberoasting, and NTLM relay).
Security is a core focus for Darkmoon, with a sealed, hardened runtime that employs AES-256-GCM encrypted storage, hardware-bound licensing, and a continuous SHA-256 integrity watchdog. The platform enforces tamper-proof execution, read-only root filesystems, seccomp sandboxing, and anti-tamper measures such as debugger and tracer detection. Sensitive data is protected through a Privacy Gateway, which tokenizes all confidential information locally before interacting with the AI model. Real values are re-injected only on the user's machine, ensuring that no sensitive data is exposed to the model or logged.
Darkmoon is available as open-source software under the GPLv3 license, allowing users to self-host the full autonomous engine for free. Professional and enterprise plans add features such as a managed live command center, additional report formats, branded PDFs, multi-seat workspaces, and priority support. This platform is intended for security professionals, penetration testers, enterprises, MSSPs, and resellers seeking automated, AI-driven vulnerability assessment and reporting.
Darkmoon is an Other AI product. It focuses on automating penetration testing and vulnerability assessment using AI agents to reduce manual security work. It is built as an open-source project for security teams. Darkmoon is open source under the GPL-3.0 license. The product ships for the web and API.
Behind Darkmoon is ASCIT31, and the product first shipped in 2025. Development happens publicly on GitHub with 440 stars and 51 commits in the last 90 days. PulseGate's similarity index finds few close equivalents — Darkmoon occupies a relatively distinct niche. Key capabilities include autonomous pentesting, AI agents, and integrated tools. It exposes integrations via a public API.
Latest indexed changes and source events
ASCIT31/Dark-Moon discovered by the PulseGate indexer
Other apps tracked under the same category.