Engagements
Organizations 0 ▶
Phases 0
| # | Name | Key | Status | Started | Completed |
|---|
Add Phase
Name is required
Lowercase, letters/numbers/dashes only
Techniques Observed 0
| ID | Name | Tactic | Phase | Observed |
|---|
Add Technique Observation
Technique is required
Findings 0
| ID | Title | Severity | Status | CVSS | Evidence |
|---|
Add Finding
Title is required
Severity is required
Phase is required
CVSS score (0-10) is required
Summary is required
Phase Metrics 0
Per-phase KPI tiles shown on the customer portal. Examples: "Subdomains enumerated", "Credentials harvested".
| Phase | Label | Value | Class | Order |
|---|
Add Phase Metric
Suggestions for :
Phishing Campaigns 0
| Campaign | Targets | Delivered | Opened | Clicked | Credentialed | Sent |
|---|
Add Campaign
Phishing Emails 0
Individual emails shown in the customer portal's inbox view. HTML bodies are sanitized server-side.
| Campaign | From | To | Subject | Sent |
|---|
Add Email
Preview below — server will sanitize on save (scripts, styles, and unsafe URLs stripped).
Lateral Movement Hops 0
| From | To | Method | Protocol | Occurred |
|---|
Add Hop
Reconnaissance
Automated OSINT collection — subdomain enumeration, DMARC/SPF analysis, technology stack fingerprinting, and infrastructure probing. Results automatically create findings and technique observations.
Domain Intelligence
Not run yet
Subdomain Enumeration
Not run yet
DMARC / SPF / DKIM
Not run yet
Technology Stack
Not run yet
Infrastructure Mapping
Not run yet
Employee Identification
Not run yet
Breach Database Analysis
Not run yet
Port Scan
Not run yet
SaaS Token Discovery
Not run yet
Wayback Machine
Not run yet
C2 Sessions 0
Live implant sessions ingested via the C2 broker. Updates in real-time over WebSocket.
Waiting for events