bloodyAD

Provides Active Directory penetration testing and enumeration capabilities through a Docker-containerized wrapper around the bloodyAD tool, offering 26 specialized tools for AD reconnaissance, privilege escalation, and object manipulation with support for various authentication methods including Kerberos.

This bloodyAD MCP server by Diego Collao Albornoz provides Active Directory penetration testing and enumeration capabilities through a Docker-containerized wrapper around the bloodyAD tool. Built with FastMCP and running on Kali Linux in Docker, it offers 26 specialized tools covering AD reconnaissance (object enumeration, DNS dumping, trust mapping), privilege escalation (DCSync rights, shadow credentials, RBCD), and object manipulation (user/computer creation, group membership management, password changes) with support for various authentication methods including Kerberos. The implementation includes comprehensive setup automation scripts for Windows, Linux, and macOS that handle Docker image building, MCP configuration, and Gemini CLI integration, making it valuable for penetration testers and red team operators who need AI-assisted Active Directory attack workflows within controlled lab environments like HackTheBox.