bloodyAD

Provides Active Directory penetration testing and enumeration capabilities through a Docker-containerized wrapper around the bloodyAD tool, offering 26 specialized tools for AD reconnaissance, privilege escalation, and object manipulation with support for various authentication methods including Kerberos.

filesystem
GitHub
0Tools
3Findings
15Stars
Mar 22, 2026Last Scanned
โš 2 high ยท 1 low findings detected

Security Category Deep Dive

โšก
Prompt Injection
Prompt & context manipulation attacks
69
Maturity
14
Rules
5
Sub-Categories
1
Gaps
64%
Implemented
56
Tests
1
Stories
PI-DIRDirect Input Injection
100%3 rules
Injection via tool descriptions and parameter fields
GAP-001Prompt Injection Coverage GapMissing detection coverage for emerging prompt injection attack variants not addressed by current rules
PI-INDIndirect / Gateway Injection
100%4 rules
Hidden instructions via external content and tool responses
PI-CTXContext Manipulation
100%2 rules
Context window saturation and prior-approval exploitation
PI-ENCEncoding & Obfuscation
100%3 rules
Payload hiding via invisible chars, base64, schema fields
PI-TPLTemplate & Output Poisoning
100%2 rules
Injection via prompt templates and runtime tool output
Framework Coverage
OWASP MCP Top 1014/14
MITRE ATLAS14/14
CoSAI MCP2/14
OWASP Agentic Top 1012/14
Kill Chain Phases
0Initial Access
0Defense Evasion
0Execution
0Persistence
bloodyAD Security Report โ€” MCP Sentinel