Features

Explore the powerful capabilities built into our platform: from automated attack flow orchestration and dynamic checklists to real-time collaboration tools and embedded CVE database access— everything you need to streamline security testing and accelerate remediation.

Session Workflow Icon

Session-Oriented Pentesting

Keep every recon, scan, and exploit organized under one session umbrella:
  • Create & configure sessions with target ranges, credentials, and custom notes
  • Manage assets & wordlists for hosts, directories, payloads and reports
  • Auto-save every command & finding for instant recall and audit trails
Checklist Icon

Dynamic Checklist Engine

Enforce consistent pentest methodology with fully-interactive, customizable checklists:
  • Step-by-step guidance with embedded commands, code snippets, and reference links
  • Real-time status—mark tasks as Done, Pending, or N/A with one click
  • Custom notes & evidence attach screenshots, logs, or commentary per item
Console Icon

Cross-Platform Command Console

Execute commands seamlessly across targets with live output and audit trails:
  • Embedded terminal emulator with real-time stdout/stderr streaming
  • Windows & Linux support plus custom script templates
  • Comprehensive logging of commands, timestamps, exit codes, and success/failure status
Tool Launcher Icon

Smart Tool Launcher

Execute pentest tools flawlessly with dynamic, JSON-driven templates:
  • Central tool catalog—browse descriptions, examples, and categories from JSON
  • Dynamic argument forms auto-generated per placeholder for error-free input
  • Custom parser hooks to automatically process and highlight key output
Node-RED Integration Icon

Node-RED Workflow Automation

Visually orchestrate pentest tasks with drag-and-drop flows:
  • Chain commands & scans with intuitive Node-RED nodes and triggers
  • Native RTFMv2 nodes for Windows, Linux, and custom tool execution
  • Live multi-user collaboration—share flows and findings in real time
Asset Management Icon

Integrated Asset & Findings Manager

Keep all your reconnaissance and results organized in one place:
  • Auto-catalog assets—services, user accounts, web files, exploits, and CVEs
  • Unified evidence view—AI logs, commands, and analyst notes side by side
  • Instant deep-dive—jump from checklist tasks or tool outputs directly to their supporting data
CVE Search Icon

Semantic CVE Insight Engine

Explore vulnerability relationships with embedding-powered search:
  • High-speed similarity lookup using PostgreSQL + pgvector for nearest-neighbor CVE matches
  • Semantic querying across large vulnerability datasets to find related exploits and patches
  • Custom dataset support—ingest your own CVE feeds or local embeddings for tailored results
Security Professionals Icon

Engineered for Pentesting Pros

Local-first, secure, and extensible:
  • Offline & cross-platform—full support for Windows, Linux, and macOS
  • Seamless data integrations with Git, SQLite, and PostgreSQL
  • Privacy & control—no forced cloud, keep all findings and tools local
Customization Icon

Fully Customizable & Extensible

Adapt RTFMv2 to match your unique pentest workflows:
  • JSON-based extensions—add new tools, checklists & commands in seconds
  • Avalonia plugin support—tweak UI components or behaviors via C#
  • API & WebSocket hooks—integrate RTFMv2 into your broader security ecosystem
AI Assistant Icon

Integrated AI Assistant

Accelerate your analysis, documentation, and vulnerability research:
  • Chat-driven insights—ask questions in a conversational UI and get instant guidance
  • Prompt & response history—review previous queries, refine prompts, and track AI outputs
  • Local LLM support—plug in Ollama or your own model for fully private, on-prem AI workflows