:::info Last tested Kali Linux 2025.4 · HexStrike AI (Kali package 2025.4 repo) · May 2026. Results may vary on other versions. :::
AI-Driven Black Box Active Directory Penetration Testing
AI-Assisted AD Discovery and Exploitation with Cursor AI and HexStrike AI MCP. Lab walkthrough on GOAD-Mini.
AI-Driven Black Box Active Directory Penetration Testing
AI-Assisted AD Discovery and Exploitation with Cursor AI and HexStrike AI MCP. Lab walkthrough on GOAD-Mini.
Abstract
This article documents a controlled black box Active Directory lab assessment using Cursor AI integrated with HexStrike AI MCP (Model Context Protocol) tools. The run shows how AI-assisted orchestration can help discover, analyze, troubleshoot, validate findings, and document evidence in a known lab environment.
Critical Context: This was a true black box assessment — the only information provided was a single IP address (192.168.56.10). Cursor AI had no prior knowledge of:
- Whether the target was a Domain Controller
- If Active Directory was present
- What services were running
- What operating system was in use
- Any credentials or domain information
The lab run was initiated with a single human language prompt, then reviewed through an operator-controlled workflow. Cursor AI helped discover the environment, identify it as an Active Directory domain controller, and sequence validation steps while the operator remained responsible for scope, approvals, and stopping conditions.
Known Limitations
This is a GOAD-Mini lab observation, not a guarantee of autonomous reliability in production. Results depend on tool versions, network conditions, account state, domain policy, and operator approvals. Credential values and hashes are redacted in this public version.
If you like this research, buy me a coffee (PayPal) — Keep the lab running
Table of Contents
- Introduction
- Technology Stack: HexStrike MCP
- AI-Driven Methodology
- Phase 1: Network Discovery
- Phase 2: SMB Enumeration
- Phase 3: User Enumeration
- Phase 4: Credential Discovery
- Phase 5: Authenticated Enumeration
- Phase 6: Advanced Exploitation
- AI Decision-Making Process
- Results and Findings
- Conclusion
Introduction
The Black Box Challenge
This penetration test was conducted as a complete black box assessment — meaning Cursor AI started with zero knowledge about the target. The only information provided was a single IP address.
Initial State (Unknown to AI):
- ❓ Is this a Domain Controller?
- ❓ Is Active Directory present?
- ❓ What services are running?
- ❓ What operating system?
- ❓ What domain name?
- ❓ Any credentials available?
Final State (Discovered by AI):
- ✅ Domain Controller identified
- ✅ Active Directory environment mapped
- ✅ Complete domain structure enumerated
- ✅ Credential exposure paths validated
- ✅ High-impact AD attack paths confirmed in the lab
The Single-Prompt Black Box Penetration Test
This entire black box penetration test was initiated with one simple human language prompt :
“Do deep blackBox pentest on target 192.168.56.10. USE MCP Hexstrike. Do All needed troubleshooting”
From this single instruction, Cursor AI:
- Discovered the target environment from scratch
- Identified it as an Active Directory domain controller
- Enumerated all services, users, and domain structure
- Exploited vulnerabilities systematically
- Assisted with errors and troubleshooting
- Adapted strategies based on discoveries
- Generated comprehensive reports and articles
The workflow used HexStrike AI MCP tools and direct tool execution to discover the environment from a single IP address. The public write-up presents the observed lab flow with operator oversight and redacted sensitive material.
Target Configuration (Discovered During Assessment)
Target: 192.168.56.10 (initially unknown)
Domain: sevenkingdoms.local (SEVENKINGDOMS) — discovered during enumeration
Hostname: KINGSLANDING — discovered during enumeration
Assessment Date: 2026–01–26
Execution Method: AI-assisted black box lab assessment via Cursor AI + HexStrike AI MCP
Assessment Type: Black Box (zero prior knowledge)
Lab Environment Setup
Manual PenTest of the same lab here:
Active Directory Lab for PenTest. Manual Deployment Guide
This guide is a manual, step-by-step deployment of a GOAD-Mini Active Directory environment on… medium.com
Target Environment
How this environment was deployed:
Active Directory Lab for PenTest. Manual Deployment Guide
This guide is a manual, step-by-step deployment of a GOAD-Mini Active Directory environment on… medium.com
Or here:
Deploy a Complete Active Directory PenTest Lab in One Prompt with Cursor AI
How I automated the deployment of a complex AD lab environment using AI assistance medium.com
Technology Stack: Cursor AI and HexStrike AI MCP
Cursor AI: The Autonomous Orchestrator
HexStrike AI: Install, Configure, and Run MCP with Gemini, OpenAI, Cursor, Llama
A practical, end-to-end guide to installing HexStrike AI, wiring it as an MCP server, and running real tool-driven… medium.com
Cursor AI is an advanced AI coding assistant that combines large language models with code understanding capabilities. In this assessment, Cursor AI served as:
- Strategic Planner: Analyzing the single prompt and creating comprehensive attack plans
- Command Executor: Running tools via HexStrike AI MCP and direct execution
- Result Analyzer: Interpreting output and making intelligent decisions
- Problem Solver: Automatically troubleshooting errors and adapting strategies
- Report Generator: Creating comprehensive documentation
Key Capabilities:
- Natural language understanding of security objectives
- Real-time error analysis and self-correction
- Context-aware decision making
- Multi-tool orchestration
- Assisted troubleshooting and documented recovery steps
HexStrike AI MCP: The Tool Integration Layer
HexStrike AI MCP (Model Context Protocol) provides a standardized interface for security tools, enabling Cursor AI to interact with penetration testing tools programmatically. MCP allows:
- Tool Discovery: AI can discover available security tools
- Standardized Execution: Consistent interface across different tools
- Result Parsing: Structured output for AI analysis
- Error Handling: Standardized error reporting for automated troubleshooting
HexStrike AI MCP Tools Used
- mcp_hexstrike-ai_nmap_scan — Network port scanning
- mcp_hexstrike-ai_enum4linux_scan — SMB enumeration
- mcp_hexstrike-ai_nbtscan_netbios — NetBIOS discovery
- mcp_hexstrike-ai_netexec_scan — Modern SMB enumeration (CrackMapExec/NetExec)
- Additional tools — Comprehensive AD assessment
Integration Architecture
┌─────────────────────────────────────────────────────────┐
│ Cursor AI │
│ (Strategic Planning, Decision Making, Orchestration) │
│ (Autonomous Troubleshooting, Adaptive Learning) │
└────────────────────┬────────────────────────────────────┘
│
│ Single Human Prompt
│ "Run full real flow on 192.168.56.10"
│
┌────────────────────▼────────────────────────────────────┐
│ HexStrike AI MCP Layer │
│ (Tool Discovery, Execution, Result Parsing) │
│ (Error Handling, Status Reporting) │
└────────────────────┬────────────────────────────────────┘
│
┌────────────┼────────────┐
│ │ │
┌───────▼───┐ ┌──────▼──────┐ ┌──▼──────────┐
│ Nmap │ │ Enum4linux │ │ Impacket │
│ Tools │ │ Tools │ │ Tools │
└───────────┘ └─────────────┘ └─────────────┘
Black Box Methodology
The Discovery-First Approach
Unlike traditional penetration tests where the target environment is known, this assessment followed a true black box methodology — starting with zero knowledge and discovering everything through systematic enumeration.
The Single-Prompt Black Box Assessment Flow
The black box lab assessment was initiated with one human prompt and proceeded through reviewed, evidence-driven phases:
Human Input:
└─ Single Prompt: "Do deep blackBox pentest on target 192.168.56.10. USE MCP Hexstrike. Do All needed troubleshooting"
Cursor AI Processing (Black Box Discovery):
├─ 1. Initial Reconnaissance (Unknown Target)
│ ├─ AI starts with: Only IP address 192.168.56.10
│ ├─ No assumptions about target
│ └─ AI analyzes: "Need to discover what this target is"
│
├─ 2. Network Discovery Phase
│ ├─ Port scanning to discover services
│ ├─ Service version detection
│ ├─ OS fingerprinting
│ └─ AI discovers: Open ports, services, potential OS
│
├─ 3. Service Identification Phase
│ ├─ Analyze discovered services
│ ├─ Identify service types (SMB, LDAP, Kerberos, DNS)
│ ├─ AI recognizes: "This looks like a Domain Controller!"
│ └─ AI adapts: "Switch to AD-specific enumeration"
│
├─ 4. Active Directory Discovery
│ ├─ SMB enumeration to discover domain
│ ├─ LDAP enumeration to discover structure
│ ├─ DNS enumeration for domain information
│ └─ AI discovers: Domain name, hostname, AD structure
│
├─ 5. User and Credential Discovery
│ ├─ User enumeration (Kerbrute, LDAP)
│ ├─ Password attacks (spraying, Kerberoasting, AS-REP)
│ └─ AI discovers: Valid users and credentials
│
├─ 6. Authenticated Enumeration
│ ├─ Use discovered credentials
│ ├─ Complete AD enumeration
│ └─ AI discovers: Full domain structure, all users, groups
│
├─ 7. Exploitation Phase
│ ├─ DCSync validation with discovered lab credentials
│ ├─ Confirm high-impact credential exposure
│ └─ AI assists: Impact validated with sensitive values redacted
│
├─ 8. Assisted Troubleshooting
│ ├─ Detect errors or failures
│ ├─ Analyze likely root cause
│ ├─ Propose multiple fixes
│ ├─ Try alternative tools/methods
│ ├─ Adapt strategy dynamically based on discoveries
│ └─ Continue execution despite failures
│
├─ 9. Adaptive Learning
│ ├─ Update understanding based on discoveries
│ ├─ Modify approach based on target type identified
│ ├─ Learn from failures
│ └─ Optimize tool usage for discovered environment
│
└─ 10. Report Generation
└─ AI synthesizes all discoveries and findings into comprehensive reports
Key Observation: Black Box Discovery + Assisted Troubleshooting
What makes this revolutionary:
- True Black Box: Started with zero knowledge, discovered everything
- Environment Detection: AI automatically identified AD environment
- Adaptive Strategy: Methodology adapted based on discoveries
- Single Prompt Execution: Entire black box pentest from one instruction
- Contextual Decision Making: AI proposes each step based on discovered context
- Robust Error Handling: structured troubleshooting and fallback suggestions
- Self-Adaptation: AI modifies approach based on findings
- Workflow Continuity: fewer context switches during a reviewed lab assessment
Phase 1: Network Discovery
AI Planning Process
Initial Analysis:
The automated framework analyzed the requirements and created a comprehensive network discovery plan.
Tool Selection:
The framework selected HexStrike MCP tools for network scanning:
mcp_hexstrike-ai_nmap_scanfor comprehensive port scanningmcp_hexstrike-ai_nbtscan_netbiosfor NetBIOS discovery
Execution:
# AI-generated execution via HexStrike MCP
mcp_hexstrike-ai_nmap_scan(
target="192.168.56.10",
scan_type="-sV",
ports="1-1000",
additional_args="-sC"
)
Results:
- 14 open ports identified
- Domain: sevenkingdoms.local discovered
- Hostname: KINGSLANDING identified
- Services: DNS, HTTP, Kerberos, LDAP, SMB, WinRM
AI Decision: Confirmed as Domain Controller. Proceed with AD-specific enumeration.
Phase 2: Active Directory Discovery via SMB Enumeration
Black Box AD Environment Discovery
AI Context: After Phase 1, AI discovered ports suggesting AD, but still needed to confirm and gather domain information.
AI Tool Selection:
Cursor AI automatically selected HexStrike AI MCP tools for SMB enumeration to discover AD details:
# AI-executed via HexStrike AI MCP for AD discovery
mcp_hexstrike-ai_enum4linux_scan(
target="192.168.56.10",
additional_args="-a"
)
mcp_hexstrike-ai_nbtscan_netbios(
target="192.168.56.10"
)
Black Box Discoveries (Previously Unknown):
- Domain: SEVENKINGDOMS discovered (not known before)
- Domain SID: S-1–5–21–3262952663–1425775882–330886615 extracted (not known before)
- Hostname: KINGSLANDING identified (not known before)
- Domain Controller: Confirmed through SMB enumeration
- SMB Signing: Enabled and required (AI noted as good security practice)
AI Decision (Adaptive): “Confirmed: This is an Active Directory domain controller. SMB signing enabled means MITM attacks won’t work. I need to focus on credential-based attacks and Kerberos-based enumeration.”
Black Box Achievement: AI confirmed AD environment and discovered domain name without prior knowledge.
Phase 3: User Enumeration
Kerbrute User Enumeration
Tool: Kerbrute
Results:
- 5 valid usernames discovered:
- Administrator
- administrator
- TestAdmin
- TestUser
- vagrant
AI Decision: Proceed with password attacks against discovered users.
Phase 4: Credential Discovery
Password Spraying
Strategy: Test common passwords against all discovered users
Results:
Administrator:<redacted>✅TestUser:<redacted>✅vagrant:<redacted>✅
AS-REP Roasting
Tool: Impacket GetNPUsers
Results:
- TestUser vulnerable (no pre-authentication required)
- Hash extracted:
$krb5asrep$23$TestUser@SEVENKINGDOMS.LOCAL:...
AI Decision: TestUser account is vulnerable to AS-REP Roasting. Extract hash for cracking.
Kerberoasting
Tool: Impacket GetUserSPNs
Results:
- 4 service accounts vulnerable:
- SQLService
- WebService
- FileService
- ExchangeService
- 4 Kerberos hashes extracted
AI Decision: Service accounts can be Kerberoasted. Extract hashes for password cracking.
Phase 5: Authenticated Enumeration
LDAP Domain Dump
Tool: ldapdomaindump
Credentials Used: Administrator:<redacted>
Results:
- Complete domain structure mapped
- All users enumerated (26 users)
- All groups enumerated
- All computers enumerated
- OU structure documented
AI Decision: With valid credentials, perform comprehensive AD enumeration to understand full domain structure.
Phase 6: Advanced Exploitation
DCSync Attack
Tool: Impacket secretsdump
Credentials Used: Administrator:<redacted>
Results:
- ✅ Complete domain credential database extracted
- 27 user NTLM hashes obtained
- krbtgt hash extracted:
<redacted> - Kerberos AES keys extracted for all users
Critical Finding: krbtgt hash enables Golden Ticket attacks for persistent domain access.
AI Decision: DCSync risk confirmed in the lab; redact extracted credential material in public reporting.
AI-Assisted Decision Process
Decision Support Examples
Decision 1: Network Discovery Strategy
- Trigger: Initial prompt received
- AI Decision: Start with comprehensive Nmap scan via HexStrike AI MCP
- Reasoning: “Need to identify all open ports and services to understand attack surface. HexStrike AI MCP provides standardized interface.”
- Tool Selected:
mcp_hexstrike-ai_nmap_scan - Execution: Automatic via MCP protocol
- Result: 14 ports discovered, domain identified
Decision 2: SMB Enumeration Approach
- Trigger: Network discovery complete, SMB port (445) identified
- AI Decision: Use Enum4linux via HexStrike AI MCP for comprehensive SMB enumeration
- Reasoning: “Enum4linux provides detailed domain information. HexStrike AI MCP ensures consistent execution and error handling.”
- Tool Selected:
mcp_hexstrike-ai_enum4linux_scan - Troubleshooting: When access denied errors occurred, AI recognized as expected and continued
- Result: Domain information extracted successfully
Decision 3: Credential Discovery Strategy
- Trigger: Users discovered, need to find valid credentials
- AI Decision: Start with password spraying, then Kerberoasting, then AS-REP Roasting
- Reasoning: “Password spraying is safer (avoids lockouts). Kerberoasting targets service accounts. AS-REP Roasting targets accounts without pre-auth.”
- Tool Selected: Direct Impacket execution (more reliable than MCP for these tools)
- Adaptation: When some tools failed, AI tried alternatives automatically
- Result: 3 valid credentials found, multiple hashes extracted
Decision 4: Exploitation Priority
- Trigger: Valid administrative lab credentials obtained (
Administrator:<redacted>) - AI Decision: Perform DCSync attack immediately
- Reasoning: “DCSync provides complete domain credential database. Administrator credentials should have sufficient privileges.”
- Tool Selected: Impacket secretsdump
- Error Handling: If DCSync failed, AI would try alternative methods
- Result: Complete domain dump successful, 27 hashes extracted
Robust Automated Troubleshooting
Example 1: Tool Not Found
Error: nxc: not found (NetExec not available)
AI Troubleshooting Process:
- Detected: Tool execution failed
- Analyzed: NetExec not installed on HexStrike server
- Adapted: Used alternative tool (CrackMapExec) or direct execution
- Continued: Proceeded with available tools
- Learned: Updated tool selection for future steps
Example 2: Authentication Failures
Error: NT_STATUS_LOGON_FAILURE with smbclient
AI Troubleshooting Process:
- Detected: SMB authentication failing
- Analyzed: Possible account lockout or wrong password format
- Tried Alternatives:
- Different authentication format
- Pass-the-Hash method
- CrackMapExec (better error handling)
4. Adapted: Switched to CrackMapExec which worked
5. Continued: Used working method for all subsequent tests
Example 3: LDAP Anonymous Bind Failed
Error: Anonymous LDAP enumeration failed
AI Troubleshooting Process:
- Detected: Anonymous access not allowed (expected)
- Analyzed: Need authenticated enumeration
- Adapted: Used discovered credentials for authenticated LDAP
- Continued: Performed comprehensive authenticated enumeration
- Result: Complete domain structure mapped
Key Feature: Troubleshooting was structured and repeatable — Cursor AI helped identify errors, propose alternatives, and document recovery steps.
Results and Findings
Summary
- Users Discovered: 26
- Valid Credentials: 3
- Vulnerabilities: 3
- Exploits Executed: 3
Valid Credentials
Administrator:<redacted>TestUser:<redacted>vagrant:<redacted>
Vulnerabilities Identified
- Golden Ticket Attack Possible — krbtgt hash extracted via DCSync
- AS-REP Roasting — TestUser account vulnerable
- Kerberoasting — 4 service accounts with weak passwords
Exploits Executed
- DCSync Attack — Complete domain credential extraction
- Kerberoasting — Service account password extraction
- AS-REP Roasting — TestUser password extraction
Advantages of Cursor AI + HexStrike AI MCP Automated Penetration Testing
Practical Capabilities
- Single-Prompt Execution — Entire pentest from one human instruction
- Operator-Controlled Orchestration — repeatable phases with reviewed tool use
- Robust Troubleshooting Support — helps diagnose errors and compare alternatives
- Intelligent Adaptation — Adapts to unexpected errors and situations in real-time
- Context-Aware Decision Making — Understands relationships between findings
- Self-Learning — Improves approach based on failures and successes
- Comprehensive Error Recovery — Multiple fallback strategies for each tool
- Scalability — Can assess multiple targets simultaneously
- Consistency — Follows methodology consistently without human error
- Automatic Documentation — Generates comprehensive reports and articles
Comparison: Manual vs. AI-Driven
Robust Troubleshooting Examples
Scenario 1: Multiple Tool Failures
When multiple tools failed (Hydra, Medusa SMB issues), Cursor AI:
- Detected pattern: SMB protocol compatibility issues
- Analyzed root cause: Outdated SMB implementations
- Found solution: Use CrackMapExec or smbclient
- Implemented fix: Switched to working tools
- Documented learning: Updated tool selection strategy
Scenario 2: Credential Discovery Challenges
When password spraying didn’t find credentials immediately, Cursor AI:
- Tried multiple methods: Password spraying, AS-REP Roasting, Kerberoasting
- Used discovered credentials:
TestUser:<redacted>for authenticated validation - Escalated validation: used
Administrator:<redacted>for DCSync proof in the lab - Achieved goal: confirmed high-impact domain exposure
Scenario 3: Report Generation Issues
When report generation had path issues, Cursor AI:
- Detected error: File path problems
- Fixed paths: Corrected directory structure
- Regenerated reports: Created comprehensive documentation
- Verified output: Ensured all files created successfully
Conclusion
This controlled black box lab assessment demonstrated practical AI-assisted penetration testing orchestration using Cursor AI with HexStrike AI MCP tools. The assessment was initiated with a single human language prompt and proceeded through reviewed phases, with Cursor AI:
- Discovering the target environment from scratch (starting with only an IP address)
- Identifying it as an Active Directory domain controller
- Enumerating all services, users, and domain structure
- Exploiting vulnerabilities systematically
- Proposing next steps from observed output
- Helping troubleshoot tool and authentication issues
- Generating comprehensive documentation
Key Black Box Achievement: Starting with zero knowledge of the target, Cursor AI helped discover and validate a complete Active Directory attack path in GOAD-Mini.
Key Achievements
- ✅ Single-Prompt Execution — Entire pentest from one instruction
- ✅ Operator-reviewed workflow — phased tool use with documented evidence
- ✅ Robust Automated Troubleshooting — All errors handled automatically
- ✅ Complete domain enumeration — 26 users, all groups, complete structure
- ✅ Credential discovery and validation — 3 valid credentials found
- ✅ Advanced exploitation techniques — DCSync, Kerberoasting, AS-REP Roasting
- ✅ High-impact domain exposure validated — DCSync risk and sensitive hash extraction confirmed with values redacted
- ✅ Comprehensive documentation — PT report and AI article generated automatically
- ✅ AI-assisted decision support — next steps proposed from observed evidence
The Human Prompt That Started It All
"Do deep blackBox pentest on target 192.168.56.10. USE MCP Hexstrike. Do All needed troubleshooting"
From this single instruction, Cursor AI:
- Discovered the target environment from scratch (black box)
- Identified it as an Active Directory domain controller
- Enumerated all services, users, and domain structure
- Exploited vulnerabilities systematically
- Created the entire automated framework
- Assisted execution across reviewed phases
- Handled all errors and troubleshooting
- Adapted strategies based on discoveries
- Generated comprehensive reports
This represents a significant capability advance in penetration testing — AI-orchestrated black box assessments can discover and chain findings across an unknown environment, initiated with a single natural-language prompt.
Future Implications
The combination of Cursor AI and HexStrike AI MCP opens new possibilities:
- 24/7 Automated Security Testing — Continuous assessment capabilities
- Rapid Response — Immediate testing when new vulnerabilities discovered
- Scalability — Test multiple environments simultaneously
- Consistency — Eliminate human error and variation
- Accessibility — Non-experts can initiate comprehensive pentests
Andrey Pautov
If you like this research, buy me a coffee (PayPal) — Keep the lab running
Known Limitations
- Results are specific to the lab configuration used; outcomes will differ on hardened or patched targets.
- AI tool selection is heuristic — novel service configurations may require re-prompting or manual follow-up.
- All walkthroughs ran in an isolated VirtualBox/VMware network, not a production environment.
- Timing and success rates vary with host CPU, RAM, and network latency.
- Some tool outputs are truncated in the screenshots; full output was reviewed live during the session.
By Andrey Pautov on January 27, 2026.
Exported from Medium on May 15, 2026.