Torii gate background
NETTORII

Their Fortress,
Your Playground.

BUILT BY OPERATORS · TRUSTED BY RED TEAMS · VISIBLE TO LEADERSHIP · ENTERPRISE-READY

Built by the people who use them. We make offensive security platforms that give operators an unfair advantage and give leaders the confidence to deploy them.

See what we've built
ONINET
INVOKE · INFILTRATE · VANISH

The Unseen Force Beyond the Gate

One platform. 100+ tools. Zero configuration. ONINET is a containerized offensive security workspace — purpose-built for operators, with session recording, engagement management, and the reporting your organisation demands.

oninet — zsh

FAQ

What do I need?
Docker or Podman on Linux. Windows users run ONINET inside WSL2. The CLI handles the rest.
How does licensing work?
Activate with your license key. Validates online, then works offline for up to 30 days.
Multiple operators?
Team and Enterprise tiers support concurrent operators with shared workspaces and individual sessions.
Is my data secure?
All data stays local. Credentials are encrypted at rest and never leak to session recordings.
What are satellites?
Isolated containers for resource-heavy tools like BloodHound and Metasploit. Pull on demand, start in seconds.
Works offline?
Fully offline for 30 days after activation. Once the ONINET image and satellite images are pulled, no internet is required to operate.
100+
TOOLS READY TO GO
8
ON-DEMAND SATELLITES
Full
AUDIT TRAIL
Linux + Windows
NATIVE & WSL2
01 — PROCESS
Four commands to operational
STEP 01

License & Activate

Activate your license in seconds with oninet activate. Manage operators, track usage, and control your deployment from the customer portal.

STEP 02

Your Hardware, Your Data

Everything runs locally with oninet pull. Cached for 30 days of offline operation — ideal for air-gapped environments.

STEP 03

Launch & Operate

oninet run gives you a full desktop environment with 100+ tools, accessible through any browser. Operators are productive immediately.

STEP 04

Scale on Demand

Need more firepower? sat start bloodhound — satellite containers for BloodHound, Metasploit, and more, running in seconds.

02 — CAPABILITIES
Built for the engagement lifecycle.
From reconnaissance to reporting — every capability an operator needs, with the security controls your organisation requires.
DESKTOP

Full Desktop Environment

Complete desktop accessible through any browser. No local install, no VPN — operators work from anywhere, IT controls nothing on the endpoint.

VAULT

Credential Vault

Encrypted-at-rest credential storage with shell integration. Secrets entered through the vault are protected and never leak to session recordings.

TOOLKIT

Offensive Toolkit

100+ tools across every domain — recon, Active Directory, cloud, web app. Pre-installed, pre-configured, ready to run.

MODULAR

Satellite Architecture

Resource-heavy tools run in their own containers. Pull what you need, when you need it.

PERSIST

Persistent Workspace

Your workspace persists across restarts. Ops, loot, evidence, and logs — structured and always available.

AUDIT

Session Recording & Audit

Every terminal session recorded automatically. Full audit trail for compliance — credentials never captured.

ENGAGE

Engagement Management

Scoped engagements with structured workspaces. Track operators, timelines, and deliverables — reporting built in, not bolted on.

PORTAL

Team Management

Customer portal for license management, operator provisioning, and deployment oversight. Control who has access and what they see.

TEAM

Collaboration

Concurrent operator sessions with shared workspaces. Your team works together — leadership sees the progress.

03 — ONINET TOOLKIT
Purpose-built for operators.
Beyond the 100+ tools you already know, ONINET includes custom tooling designed around the engagement workflow.
oninet engagement create

Engagement Management

Create scoped engagements with structured workspaces for ops, loot, evidence, and logs. Track operators, dates, and deliverables in one place.

WORKSPACESMULTI-OP
oninet recording replay

Session Recording

Replay any session, search across recordings, extract command history. Every terminal interaction captured automatically.

AUTOMATICSEARCHABLEOPSEC-SAFE
oninet engagement summary

Reporting & Export

Generate engagement summaries with credential counts, session timelines, satellite usage. Markdown reports ready for your deliverables.

MARKDOWNAUTO-GENERATE
dctime 10.10.10.100

DC Time Sync

Sync your container clock to a Domain Controller for Kerberos authentication. Continuous background sync with live skew monitoring.

KERBEROSAUTO-SYNC
note "Found ESC1 path on DC01"

Operator Notes

Timestamped, operator-attributed notes attached to the current engagement. Appear automatically in reports — no copy-pasting from terminals.

PER-ENGAGEMENTAUTO-REPORT
host DC01 "Domain Controller" "vuln to SMB1"

Host Discovery Log

Log discovered hosts with roles and observations as you find them. Deduplicated by hostname, exported as a structured table in engagement reports.

DEDUPSTRUCTUREDAUTO-REPORT
04 — SATELLITES
On-demand satellite containers.
Resource-heavy tools run in their own isolated containers. Each satellite is pulled on demand and runs independently. CLI satellites are fully covered by session recording — GUI satellites track usage metadata and deployment history.
bloodhound
BloodHound CE + Neo4j 4.4 + PostgreSQL 16
~800 MB
metasploit
Metasploit Framework + PostgreSQL
~1.2 GB
burp
Burp Suite Community + Java 21
~500 MB
zap
ZAP proxy + Java 17
~400 MB
responder
LLMNR / NBT-NS poisoner
~300 MB
hashcat
Hashcat + John the Ripper + wordlists
~600 MB
rusthound
RustHound AD collector
~250 MB
05 — PRICING
Simple licensing. Transparent pricing.
Every tier includes all 100+ tools and all satellites. Higher tiers unlock team management, custom configurations, and dedicated support.
Monthly
Annual save 10% (SOLO only — PRO, Team & Enterprise are annual-commitment)
SOLO
£112.50/mo
For solo operators — 1 seat
  • 1 concurrent container
  • All 100+ tools
  • All 8 satellites
  • 30-day offline grace
  • Customer portal
  • Engagement reporting
  • Session recording
  • Email support
REGISTER INTEREST
PRO
£136/seat/mo
2 to 4 seats — billed annually
For small teams
  • 2 concurrent containers per seat
  • All 100+ tools
  • All 8 satellites
  • 30-day offline grace
  • Customer portal
  • Engagement reporting
  • Session recording
  • Email support
REGISTER INTEREST
TEAM
£212.50/seat/mo
5 to 9 seats — billed annually
For red teams
  • 2 concurrent containers per seat
  • All 100+ tools
  • All 8 satellites
  • 30-day offline grace
  • Customer portal
  • Team management & oversight
  • Shared engagement reporting
  • Session recording
  • Priority support
REGISTER INTEREST
ENTERPRISE
From £300/seat/mo
10+ seats — custom terms
For security organisations
  • 3 concurrent containers per seat
  • All 100+ tools
  • All 8 satellites
  • Custom satellites
  • 30-day offline grace
  • Customer portal
  • Team management & oversight
  • Shared engagement reporting
  • Session recording
  • Dedicated support
GET A QUOTE

Ready to equip your team?

Operator-grade tooling with the reporting, audit, and team management your organisation needs. Get in touch.

GET IN TOUCH READ THE DOCS

Almost there

We just need a few details before you head to our payment portal. Your card details are handled entirely by the payment portal — we never see them.

Get in touch

Tell us about your team and we'll get back to you shortly.