All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
Bluesky
Twitter
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Darkmoon: Open-source autonomous penetration testing platform with 18 AI agents and 80+ security tools

By

Mehdi Boutayeb

23h ago· 2 min readenProduct
Bagel score 65 of 100
65/100
Toasty
Bagelometer

A second-rack bagel that's nearly first-rack. Tasty stuff.

Score65Typepress releaseSentimentpositive

Summary

Darkmoon is an autonomous penetration testing platform that goes beyond typical web-layer AI pentesting tools. Built by professional pentesters, it combines 18 specialized AI agents and 80+ offensive security tools to assess Active Directory, Kubernetes, cloud infrastructure, APIs, CMSs, and networks. The platform is self-hosted, open-source, MITRE-mapped, and designed to produce evidence-backed findings, attack paths, and publication-ready reports. It uses MCP-gated tool execution to prevent LLM hallucinations by ensuring the orchestrator works from structured evidence produced by security tools rather than generating findings from imagination.

Key quotes

· 3 pulled
The orchestrator doesn't generate findings from imagination. It works from structured evidence produced by the tools themselves.
The LLM cannot arbitrarily execute commands. All actions must go through controlled MCP workflow
Built by professional pentesters, it combines 18 specialized AI agents and 80+ offensive security tools to assess Active Directory, Kubernetes, cloud infrastructure, APIs, CMSs, and networks.
Snippet from the RSS feed
Most AI pentesting tools stop at the web layer. Darkmoon goes further. Built by professional pentesters, it combines 18 specialized AI agents and 80+ offensive security tools to assess Active Directory, Kubernetes, cloud infrastructure, APIs, CMSs, and ne

You might also wanna read

Darkbloom: Decentralized AI Inference Network Using Idle Apple Silicon Macs

Darkbloom is a decentralized AI inference network that utilizes idle Apple Silicon Macs to provide private, cost-effective AI compute. The s

darkbloom.dev·2mo ago

Aunoo: An open AI-powered strategic intelligence platform for threat monitoring and daily briefings

Aunoo is an open strategic intelligence platform that leverages AI agents to monitor various intelligence sources, including cybersecurity f

helpnetsecurity.com·9d ago

SIR-Bench: A Benchmark for Evaluating Autonomous Security Incident Response Agents

Researchers introduce SIR-Bench, a comprehensive benchmark for evaluating autonomous security incident response agents. The benchmark consis

arxiv.org·2mo ago

Security Vulnerabilities in Agentic AI Browsers: Testing Reveals Scam Susceptibility

The article examines the emerging security vulnerabilities in agentic AI browsers that autonomously browse, search, and interact online. It

guard.io·9mo ago

Research Study: AI Agents vs Human Cybersecurity Professionals in Penetration Testing

This research paper presents the first comprehensive evaluation comparing AI agents to human cybersecurity professionals in real-world penet

arxiv.org·5mo ago

Google Open Sources Scion: Experimental Multi-Agent Orchestration Testbed

Google has open-sourced Scion, an experimental multi-agent orchestration testbed designed to manage concurrent AI agents running in containe

infoq.com·2mo ago