ONINET capabilities & quickstart
Everything you need to understand what ONINET does and how a typical engagement runs. The full operator and admin documentation lives in your customer portal.
What is ONINET
ONINET is a continuous offensive-security platform that ships as a single hardened
container you run on your own machine, driven by the oninet CLI on the host.
One license gives you a full browser-based desktop with 80+ offensive-security tools
built in, heavier tools available on demand as isolated satellite containers,
and a built-in Reporter for turning your findings into a client-ready report.
It scales from a single freelance operator (SOLO) through small consultancies (PRO) and
growing teams (TEAM) to large security organisations (ENTERPRISE). The container and tooling
are the same at every tier, with team and governance features layered on as you move up.
Capabilities
Run hardened sessions on your own host
- Single
oninetCLI manages activation, licensing, and the container lifecycle. - Personalised binary: your license is baked into the download, so there are no keys to copy around or store on disk.
- The container image stays encrypted at rest on your machine, and is only ever live during an active session.
- Engagements organise each piece of work: sessions, findings, recorded terminal output, and credentials.
- Automatic device binding to per-seat slots; review or release devices in the portal.
Findings → report, in the container
- Findings management with integrity-verified evidence files and recorded terminal-session clips.
- Quality gates and preflight checks before you build.
- Automatic threat-intel enrichment: CVE, EPSS, CISA KEV, and MITRE ATT&CK mapping.
- Markdown and PDF report output on every tier.
- Smart ingestion imports your scanner output straight into draft findings (PRO+).
Work the same engagement together
- Comments on findings (PRO+).
- Approval workflow: draft → ready → approved → closed (PRO+).
- OniLink team sync shares findings, comments, and branding across the team (TEAM+).
- Live collaborator presence and custom report templates (TEAM+).
- Portal team management: invites, roles, engagement assignment, and org policies.
RBAC, audit, and compliance
- RBAC enforced on TEAM and ENTERPRISE: Owner, Admin, TeamLead, Operator (+ read-only Auditor on ENTERPRISE).
- Hash-chained audit trail with read and export endpoints (ENTERPRISE).
- Compliance frameworks: OWASP, PCI, NIST, CIS (ENTERPRISE).
- Multi-format export: JSON, CSV, HTML (ENTERPRISE).
- Org-wide audit log, custom satellite requests, and per-operator satellite policy enforcement.
On-demand heavy tools + a full toolkit
- Seven on-demand satellites for resource-heavy tooling, each in its own isolated container, loaded on first use.
- Accessed seamlessly from inside ONINET with
sat start <name>— they open right on your desktop, with nothing to install or wire up outside the tool. - 80+ tools built in, spanning reconnaissance, web, Active Directory, cloud, and OSINT, plus full language runtimes — pre-installed and ready to run.
- All tools and satellites are available on every tier; only TEAM and ENTERPRISE owners can restrict satellites per operator.
Quickstart
The same flow on every tier: install the CLI, activate, launch a session, run your first scan, and record findings in the Reporter.
Install the CLI
Buy a plan (SOLO, PRO, and TEAM are self-serve; ENTERPRISE is quote-only), set your password and complete mandatory TOTP MFA in the portal, then download your personalised binary from Downloads. Make it executable and install it onto your PATH:
chmod +x oninet
./oninet install
Activate & check status
The patched binary already carries your license, so it activates on first use and binds this device to one of your seat's slots automatically. Confirm at any time:
oninet status
Pull & launch
Pull the encrypted image (it stays encrypted at rest on your machine), then start a session and open the desktop in your browser:
oninet pull
oninet run
oninet password <name>
oninet password prints the desktop password and URL (the password is never embedded in the URL).
Run your first scan
Create an engagement so your work is attributed, then run any of the included tools straight from the shell. Heavier tools launch as satellites, right inside ONINET:
oninet engagement create
sat start <name>
Terminal sessions are recorded automatically (unless you disable recording), so output is captured for the report.
Record findings & build the report
Open the Reporter from the desktop to write up findings, attach evidence and session clips, run the quality gates, and build the report. You can also manage findings from the host and stop the session when you're done:
oninet finding attach|list|show
oninet engagement summary
oninet stop <name>
Plans at a glance
All prices are GBP, per seat, per month at the standard monthly rate. Annual and multi-year discounts apply. See full pricing on the homepage.
| Plan | Seats | Per-seat / month | Containers / seat |
|---|---|---|---|
| SOLO | 1 (fixed) | £125 | 1 |
| PRO | 2–4 | £160 | 2 |
| TEAM | 5–9 | £250 | 2 |
| ENTERPRISE | 10+ | from £300 (quote) | 3 |
Ready to get going?
Start with a self-serve plan or get an ENTERPRISE quote. The full operator and admin documentation is in your portal.