📦 ADscan v2.1.0-lite — Parrot support & new attacks
✨ New
| Area | Detail |
|---|---|
| Platform | ✅ Parrot OS fully supported — installer resolves missing libs & krb5 headers. |
| Kerberos | • Auth integration added to kerberoast, shadow_creds, rdp_brute → will auto-switch to -k if a valid TGT is present. • Fallback: if local creds fail, ADscan now re-uses domain creds cached during recon. |
| Password spray | spray_same module: tries identical user = password (no lower/upper variants) — quick wins in internal CTFs. |
| ADCS | Added ESC-4 auto-exploit path. |
| Output UX | SMB share enum now prints NULL & GUEST access lines in yellow for quick visual grep. |
🐞 Fixed
| Bug | Status |
|---|---|
| SMB guest session not previously printed | ✔ |
| “Child→Parent escalation” prompt shown on non-subdomain | ✔ (now checks domain SID lineage) |
unzip error when encrypted ZIPs found by share spider |
✔ — skips & logs path |
Extra space in cert parameter breaking certipy |
✔ |
🚀 Upgrade
pipx upgrade adscan # or: pip install -U adscan
adscan install # refresh external tools🗺️ Roadmap snapshot
| Quarter | Drop |
|---|---|
| Q4-2025 | PRO launch – trust enum • ADCS ESC 1-5 auto-exploit • Word/PDF report |
| Q1-2026 | NTLM relay chain • SCCM module |
| Q2-2026 | PwnDoc integration • Hyper-Fast cloud cracking (AS-REP/Kerberoast) |
👉 Lock –50 % lifetime PRO: https://adscanpro.com/pro-waitlist
Huge thanks to the Parrot community & test users for early logs.
Keep smashing boxes — “Automate Harder!” 💪
© 2025 Yeray Martín • Macroblond44 — ADscan 2.1.0-lite.