Torii gate background
NETTORII

Their Fortress,
Your Playground.

The unseen force beyond the gate

Engineering offensive solutions for offensive teams. Made by operators, for operators — to breach the unbreachable.

Introducing ONINET — Our First Offensive Platform
ONINET
INVOKE · INFILTRATE · VANISH

Your entire offensive toolkit in one command.

ONINET is a licensed, containerized offensive security platform built for professional penetration testers and red teams. One command gives you a full XFCE desktop accessible through your browser, pre-loaded with over 100 industry-standard tools.

Each engagement gets its own structured workspace with dedicated directories for ops, loot, evidence, and logs. Every terminal session is automatically recorded. Credentials are stored in an AES-256 encrypted vault that never leaks to recordings.

Heavy tools like BloodHound, Metasploit, and Burp Suite run in isolated satellite containers — pulled on demand, started in seconds, and stopped when you're done. No bloat in your main workspace.

Runs on Linux, Windows (WSL2), and macOS. Works offline for 30 days. Built by operators, for operators.

oninet — zsh
$ oninet run ╔═══════════════════════════════════════════════════════════════╗ ║ ║ ║ A NETTORII PRODUCT ║ ║ ║ ║ ██████╗ ███╗ ██╗██╗███╗ ██╗███████╗████████╗ ║ ║ ██╔═══██╗████╗ ██║██║████╗ ██║██╔════╝╚══██╔══╝ ║ ║ ██║ ██║██╔██╗ ██║██║██╔██╗ ██║█████╗ ██║ ║ ║ ██║ ██║██║╚██╗██║██║██║╚██╗██║██╔══╝ ██║ ║ ║ ╚██████╔╝██║ ╚████║██║██║ ╚████║███████╗ ██║ ║ ║ ╚═════╝ ╚═╝ ╚═══╝╚═╝╚═╝ ╚═══╝╚══════╝ ╚═╝ ║ ║ ║ ║ Invoke. Infiltrate. Vanish. ║ ║ v1.4.2 ║ ║ ║ ╚═══════════════════════════════════════════════════════════════╝ [*] Container Initialization [?] Client name: Acme Corp [?] Engagement type: pentest [?] Operator name: ghost ┌─────────────────────────────────────────────────────┐ [+] Engagement created ├─────────────────────────────────────────────────────┤ ID: ENG-2026-001 Client: Acme Corp Type: pentest Workspace: ~/engagements/acme-corp-pentest-2026-03 └─────────────────────────────────────────────────────┘ ┌─────────────────────────────────────────────────────┐ [+] ONINET is ready ├─────────────────────────────────────────────────────┤ Desktop: http://localhost:52341/ ├─────────────────────────────────────────────────────┤ Shell: oninet shell ghost-oninet Stop: oninet stop ghost-oninet └─────────────────────────────────────────────────────┘ ghost@acme-corp:~$ sat start bloodhound [+] bloodhound started (--network=bridge). BloodHound CE is ready ghost@acme-corp:~$

FAQ

What do I need?
Docker or Podman on Linux, Windows (WSL2), or macOS. The CLI handles everything else.
How does licensing work?
Activate with a key, validate online, cache locally for 30 days of offline use.
Multiple operators?
Team tiers support concurrent containers with shared workspaces and named sessions.
Is my data secure?
AES-256-GCM vault. Recordings never capture passwords. Everything stays local.
What are satellites?
BloodHound, Metasploit, Hashcat etc. in isolated containers. Pull on demand, start in seconds.
Works offline?
Fully offline for 30 days once activated. All tools pre-installed, no downloads needed.
100+
TOOLS PRE-INSTALLED
8
SATELLITE CONTAINERS
<5m
SETUP TO FIRST SCAN
Linux · Windows · Mac
SUPPORTED PLATFORMS
01 — PROCESS
Four commands to operational
STEP 01

Purchase & Activate

Get your license key and activate with oninet activate. Verified in seconds.

STEP 02

Pull your image

Download the ONINET image. Cached locally — works offline for 30 days.

STEP 03

Launch workspace

oninet run gives you a full desktop + 100 tools via your browser.

STEP 04

Start satellites

Heavy tools in isolated containers. sat start bloodhound — done.

02 — CAPABILITIES
Everything you need. Nothing you don't.
A complete operator workspace with hardened defaults, team collaboration, and operational security built into every layer.
DESKTOP

Full Desktop Environment

XFCE desktop in your browser via noVNC. Firefox, terminal, file manager — zero local install.

VAULT

Credential Vault

AES-256-GCM encrypted vault with auto-lock, shell integration, and GUI access.

RECON

Network Reconnaissance

nmap, masscan, rustscan, nuclei, httpx, subfinder — the full stack, pre-configured.

AD

Active Directory

BloodHound, netexec, impacket, ldapsearch, certipy — complete AD attack chain.

CLOUD

Cloud Offensive

AWS, Azure, GCP CLIs plus ScoutSuite and cloudfox. Multi-cloud from one workspace.

TEAM

Collaboration

Shared folders, operator naming, concurrent containers. Work together without collisions.

OPSEC

Operational Security

Custom hostnames, dropped capabilities, network isolation. Blend in by design.

MODULAR

Satellite Architecture

Heavy tools in isolated containers. Pull only what you need. Update independently.

PERSIST

Persistent Workspace

OpSpace survives restarts. Ops, loot, evidence, logs — structured and persistent.

03 — ONINET TOOLKIT
Built-in tools for the operator lifecycle.
Beyond 100+ community tools, ONINET ships purpose-built features for engagement management, operational security, and team workflows.
oninet vault list

Credential Vault

AES-256-GCM encrypted storage for captured credentials. Shell integration, GUI access, auto-lock. Works even when the container is stopped.

AES-256-GCMOFFLINE ACCESS
oninet engagement create

Engagement Management

Create scoped engagements with structured workspaces: ops, loot, evidence, logs. Track operators, dates, and generate summaries.

WORKSPACESMULTI-OP
oninet recording replay

Session Recording

Every terminal session is recorded with asciinema. Replay in-terminal, search across recordings, extract commands. Vault-entered passwords are never captured.

ASCIINEMASEARCHABLEOPSEC-SAFE
sat start bloodhound

Satellite Architecture

Heavy tools in isolated containers. Auto-login, bridge networking, on-demand pull. Start and stop independently — zero bloat in your main workspace.

8 SATELLITESISOLATED
oninet engagement summary

Reporting & Export

Generate engagement summaries with credential counts, session timelines, satellite usage. Markdown reports ready for your deliverables.

MARKDOWNAUTO-GENERATE
dctime 10.10.10.100

DC Time Sync

Sync your container clock to a Domain Controller for Kerberos attacks. Continuous background sync with skew monitoring — prompt shows live status.

KERBEROSAUTO-SYNCSYS_TIME
04 — SATELLITES
Heavy tools. Zero bloat.
Each satellite runs in its own isolated container. Pull on demand, start in seconds, stop when done.
bloodhound
BloodHound CE + Neo4j 4.4 + PostgreSQL 16
~800 MB
metasploit
Metasploit Framework + PostgreSQL
~1.2 GB
burp
Burp Suite Community + Java 21
~500 MB
caido
Caido web security proxy
~300 MB
zap
ZAP proxy + Java 17
~400 MB
responder
LLMNR / NBT-NS poisoner
~300 MB
hashcat
Hashcat + John the Ripper + wordlists
~600 MB
rusthound
RustHound AD collector
~250 MB
05 — PRICING
One license. All tools.
No per-tool fees. No feature gates. Every tier includes every tool and every satellite.
PRO
TBD
For individual operators
  • 1 concurrent container
  • All 100+ tools
  • All 8 satellites
  • 30-day offline grace
  • Email support
GET IN TOUCH →
TEAM
TBD
For small red teams
  • 3 concurrent containers
  • All 100+ tools
  • All 8 satellites
  • Shared workspaces
  • Priority support
GET IN TOUCH →
ENTERPRISE
Custom
For organizations
  • Unlimited containers
  • All 100+ tools
  • All 8 satellites
  • SSO & team management
  • Dedicated support
GET IN TOUCH →

Ready to operate?

Get in touch and run your first engagement in under five minutes.

GET IN TOUCH → READ THE DOCS