AutoAttack vs NodeZero.
NodeZero is an automated pentest platform; AutoAttack is an autonomous adversary. On the hardened GOAD spec NodeZero published, both reach Domain Admin across all three domains — and AutoAttack reaches it far faster.
Deploy →| Hardened | NodeZero automated pentest | AutoAttack autonomous adversary |
|---|---|---|
| Time to 3/3 Domain Admin | 14m 00s | 0:51 |
| Domains reached | 3 of 3 | 3 of 3 |
| Independent runs | 1 published | 10 |
Same hardened GOAD spec NodeZero published — Windows Defender enabled, LLMNR disabled, Windows patched through March 2026. AutoAttack: median of 10 independent runs, fresh rollback each time, range 0:28 to 1:01. NodeZero published its 14:00 result in August 2025 — the same objective, reached about 16× faster on identical ground.
the difference
same outcome On the same hardened GOAD spec NodeZero published, both tools reach Domain Admin across all three domains. The result is identical; the time to reach it is not.
the speed gap AutoAttack's 0:51 median is about 16x faster than NodeZero's published 14m 00s — the same objective, on the same ground.
ten runs, not one AutoAttack's figure is the median of ten independent runs with a fresh rollback each time (range 0:28 to 1:01), not a single best result.
proof every step Every step of the chain to Domain Admin is captured as it runs, so the path is auditable rather than asserted.
no model dependence AutoAttack reaches Domain Admin without leaning on frontier language models, so the chain and the timing repeat run after run rather than varying per attempt.