Darkmoon

Autonomous AI pentesting platform that coordinates specialized agents and security tools through a controlled execution layer.

Reviewed by ToolWorthy Editors·updated today

Pricing:Free + from €149/mo
Pros & Cons

Pros

  • Broader infrastructure scope than web-only AI scanners
  • Open-source Community edition can be audited and self-hosted
  • Controlled execution architecture reduces direct model access to the host
  • Findings include evidence and attack-path context
  • Supports cloud providers and local-model setups

Cons

  • Offensive tooling creates legal and operational risk if scope is unclear
  • Setup requires Docker, model configuration, and security knowledge
  • Automated findings still need analyst triage and validation
  • Pro requires annual billing at the displayed €149 monthly equivalent
  • Model and infrastructure costs are separate from the license

Overview

Darkmoon is an autonomous penetration-testing platform that uses specialized AI agents to plan and coordinate offensive security assessments. It covers web applications, APIs, cloud infrastructure, Active Directory, Kubernetes, content management systems, and networks rather than limiting analysis to a single scanner or web layer.

Its architecture separates reasoning from execution: AI agents plan actions, an MCP layer controls which tool calls are allowed, and an isolated Docker toolbox runs the security utilities. The open-source repository is licensed under GPLv3 and supports cloud LLM providers or local models. Darkmoon is relevant to ToolWorthy's readers interested in AI agents and to teams evaluating AI-assisted code checking, but it requires substantially more security expertise and explicit authorization than a normal developer assistant.

Darkmoon should only be run against systems the user owns or has explicit written permission to test. Automated findings also require human validation before remediation or disclosure.

Key Features

  • Multi-agent assessment planning - Detects target technologies and dispatches domain-specific agents for web, AD, Kubernetes, network, API, and CMS testing.

  • Controlled MCP execution - Keeps the AI reasoning layer away from direct shell access and routes operations through a gatekept tool interface.

  • Integrated offensive toolbox - Coordinates dozens of established security utilities for discovery, scanning, exploitation validation, and attack-path analysis.

  • Evidence-backed findings - Records requests, payloads, responses, logs, and reproducible proof instead of returning only generic vulnerability labels.

  • Live command center - Streams agent events, campaign state, findings, and infrastructure relationships into a dashboard.

  • Structured reporting - Produces Markdown and PDF reports with CVSS scoring and MITRE ATT&CK mapping; paid features add branded formats.

How to Get Started

The Community edition requires Docker and Docker Compose plus an LLM provider key or supported local model. Clone the repository, run the installer, configure the provider, and begin with a deliberately vulnerable lab rather than a production target.

Define the target, credentials, exclusions, testing noise, and reporting format before launching a campaign. Security teams should document scope approval and keep a human analyst in the loop for finding validation, especially before making changes or contacting a third party.

Pricing & Plans

Darkmoon combines an open-source core, a professional license, and a managed pentest service.

Option             | Price            | Notes
Community          | Free             | GPLv3 self-hosted engine, AI agents, integrated tools, controlled execution, community support
Pro                | €149/month       | Billed €1,788 annually; hardened runtime, managed command center, branded reports, hardware-bound license, priority email support
Pentest on Demand  | €799/engagement  | Managed assessment, legal framework, expert operation, debriefed report

Running the Community edition can still incur model API, compute, storage, and security-lab costs.

Best For

  • Authorized penetration testers automating repeatable assessment workflows
  • DevSecOps teams testing owned staging environments after builds
  • Security researchers working in controlled labs
  • Organizations that need self-hosted AI security tooling
  • Teams that can review evidence and manage false positives responsibly

FAQ

What does Darkmoon do?

Darkmoon plans and runs authorized penetration tests by coordinating specialized AI agents with security tools, then generates evidence-backed findings and reports.

Is Darkmoon open source?

Yes. The Community repository is published under the GNU GPLv3 license.

Is Darkmoon free?

The Community edition is free to self-host. Pro is listed at €149 per month billed annually, and managed engagements start at €799.

Does the AI receive shell access?

The documented architecture routes tool execution through a controlled MCP layer and isolated Docker toolbox rather than giving the reasoning model direct shell access.

Which environments can it assess?

The official sources list web applications, APIs, networks, cloud infrastructure, Active Directory, Kubernetes, and several CMS and application stacks.

Which models can it use?

The repository documents cloud providers such as Anthropic, OpenAI, and OpenRouter, along with local options including Ollama and llama.cpp.

Can I run it against any website?

No. Use it only on systems you own or are explicitly authorized to test. Unauthorized penetration testing may be illegal and harmful.

Are the results guaranteed accurate?

No. Darkmoon's documentation recommends analyst review. Automated evidence improves triage, but severity, exploitability, and remediation still need human validation.
