Skip to main content
Emerging ThreatsMalware & Ransomware

Threat Actors Leverage AI-Generated Scripts to Accelerate Active Directory Attacks

Cluttered computer workstation with code on laptop screen, notes, and coffee cups in dim lighting.

"The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the enumeration attempt," Huntress researchers Jevon Ang and Dray Agha said.

The PowerShell Script and AI indicators

Huntress researchers identified a bespoke, "vibe-coded" PowerShell script used for Active Directory (AD) enumeration that bears multiple signs of having been produced with assistance from a large language model. The script — self-titled "100% Working AD Information Gathering Script - FULLY FIXED" — contained prompt-like iteration titles, placeholder strings, and over-engineered logic including several distinct methods to locate a Domain Controller. It also featured beautified console output using cyan, green, red, and yellow, which the researchers flagged as stylistic hallmarks of AI-assisted generation.

Huntress described the script as "highly aggressive" and "noisy," implementing a "five-step cascading fallback mechanism" that prioritized rapid discovery over stealth. The researchers concluded that at least some parts of the code were "likely a 'helpful' inject from the LLM that the attacker simply went along with, rather than being intentionally authored into the script."

Attack chain: RDP access, staging, and timeline

The intrusion began with the threat actor establishing Remote Desktop Protocol (RDP) access to a domain-joined Windows Server using a set of pre-compromised credentials. Tools were staged in the C:\ProgramData\ folder, and the incident took place in early June 2026.

Once the script located the Domain Controller, it initiated systematic enumeration and harvesting of AD artifacts. Roughly 30 minutes after initial enumeration activity, the actor deployed additional utilities — notably s5cmd, a legitimate bulk file operations tool, and SharpShares, a C#-based network shares enumeration utility — to broaden discovery toward user-accessible data stores.

What was collected, how it was packaged, and exfiltration

After locating the primary Domain Controller, the PowerShell routine harvested AD users, computers, groups, organizational units (OUs), and trusts, and staged the results in a local directory. The script exported the harvested data into CSV files, produced an Active Directory Inventory Report as an HTML summary (AD_Report.html), archived the results, and prepared them for exfiltration to a remote server.

The use of s5cmd and SharpShares indicates the actor paired the AI-assisted reconnaissance with established utilities for bulk file movement and network-share discovery, suggesting a deliberate sequence: rapid enumeration, targeted discovery of accessible data repositories, local staging, and then export and exfiltration.

Sygnia's cloud example: AI as a force multiplier

Sygnia's recent report, cited by Huntress, supplies a parallel example in the cloud that illustrates the broader point: AI-enabled attackers do not necessarily introduce new techniques, but they accelerate and scale familiar ones. Sygnia observed an AI-assisted attack against a large Amazon Web Services (AWS)-based environment that moved from initial access to broad compromise in about 72 hours and was assessed to be financially motivated, with the access used as leverage for extortion.

That case involved repeated conversion of newly acquired credentials into renewed discovery, secrets harvesting, persistence (creating access keys and IAM users), and impact. The attacker chained weaknesses across application services, AWS resources, source-control repositories, CI/CD workflows, runtime components, and data stores, and then executed disruptive actions such as denying access to S3 buckets, limiting ECS services to zero capacity, creating ACLs to block network access, and purging SQS queues. Sygnia's core observation: the actions mapped to long-established adversary behaviors, but AI reduced the time and effort required to operationalize them across a complex environment.

What this means for technologists, cloud operators, and adversaries

  • Technologists and security teams: Expect to encounter tooling that looks handcrafted but contains AI-generated artifacts — prompt markers, placeholder strings, and multiple fallback routines — and that emphasizes speed and breadth of discovery. Detection should include monitoring for noisy enumeration patterns, tools staged in C:\ProgramData\, and the creation of artifacts such as AD_Report.html and bulk CSV exports.
  • Cloud operators and enterprise IT teams: Sygnia's AWS example demonstrates how rapid credential churn and chaining of weaknesses can escalate compromise within days. Watch for repeated credential use, newly created access keys and IAM users, and activity masquerading as legitimate pentesting or red-team work.
  • Adversaries and less-skilled actors: The incident shows that AI assistance can lower the barrier to entry, allowing actors with limited expertise to assemble capable, aggressive tooling that combines proven playbooks with AI-generated code and stylistic flourishes.

The intrusion Huntress documented and the cloud compromise Sygnia analyzed converge on the same point: the underlying playbook remains familiar, but AI narrows the time gap between access and damage. Huntress framed the shift succinctly — the "core methodology has remained consistent, but it is now being selectively augmented by AI" — and Sygnia's cloud case demonstrates how that augmentation can compress a complex campaign into days. The remaining practical question is whether defenders can accelerate detection and response to match attackers who now prioritize aggression and speed as their primary tradecraft.

Original story: Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory — The Hacker News