Engagements
Organizations 0 ▶
Executive Summary
The narrative, business-impact list, and priority recommendations shown at the top of the customer portal report. Use Generate draft to have Claude draft these fields from the engagement's findings, techniques, phase metrics, phishing, and lateral-movement data — then edit before saving.
Phases 0
| # | Name | Key | Status | Started | Completed |
|---|
Techniques Observed 0
| ID | Name | Tactic | Phase | Observed |
|---|
Findings 0
| ID | Title | Severity | Status | CVSS | Evidence |
|---|
Phase Metrics 0
Per-phase KPI tiles shown on the customer portal. Examples: "Subdomains enumerated", "Credentials harvested".
| Phase | Label | Value | Class | Order |
|---|
Phishing Campaigns 0
| Campaign | Targets | Delivered | Opened | Clicked | Credentialed | Sent |
|---|
Phishing Emails 0
Individual emails shown in the customer portal's inbox view. HTML bodies are sanitized server-side.
| Campaign | From | To | Subject | Sent |
|---|
Lateral Movement Hops 0
| From | To | Method | Protocol | Occurred |
|---|
Reconnaissance
Automated OSINT collection — subdomain enumeration, DMARC/SPF analysis, technology stack fingerprinting, and infrastructure probing. Results automatically create findings and technique observations.
C2 Sessions 0
Live implant sessions ingested via the C2 broker. Updates in real-time over WebSocket.
Scanner Runs 0
sect31-scanner invocations for this engagement. Live counters refresh while a run is in progress.
| Started | Target | Status | Requests | Coverage | Findings | Duration |
|---|
Scanner Credentials 0
Bearer tokens for the sect31-scanner CLI. Each token is scoped to this engagement and can only write findings, evidence, and scan-run metadata. Default lifetime is 24 hours; revoke when the scan finishes.
| Issued | Label | Expires | Last used | Status |
|---|