The first advanced (desktop) attack platform. Built by security engineers, for security engineers.

Get past any defense, in any environment

Take the complexity out of designing a Remote Access Trojan (RAT) that works by using one of pre-built agents. Review the source code or fork and write your own by visiting our open-source agent repo.

Learn More

The first IDE for building attacks, from scratch

Implement custom and powerful attacks using Editor, our IDE that allows you to: Write TTPs in any language, for any platform, as easily as you write code, Automatically important open-source TTPs (Atomic Red Team, Caldera, etc...) to build a base of attacks quickly, and Test attacks on local, cloud or production environments with one click.

Learn More

Run security assessments on your terms

Deploy an adversary against any target machine, anywhere in your network, using the Emulate range. Queue up an adversary to run at a pre-set time, or have it run until a goal is achieved.

Learn More

The simplest way to spin up a range

Need to test your attacks in a safe, but realistic, environment? Use our cloud plugin to: Deploy an agent on a machine running any OS on any cloud provider, and Spin up a pre-compromised set of machines, automatically integrated with Elastic or Splunk.

Learn More

Visualize and export your results

Easily visualize your attack chains and see what succeeded (and didn't). Export those results to a format that works for you - .json, .xlsx or a pre-formatted red-team report in Word.

Learn More

Continuously train yourself, and your team

Operator has three continuous training programs built in:

Integrate and validate your defensive tools

Quickly integrate your existing defensive tools (SIEM, EDR) with Operator to create a full "cycle" of security testing. Generate realistic attack data and analyze what was caught by your systems using the integrated SIEM plugin (available to enterprise customers).

Have a question or need help?

Operator provides full support through email, Github and Discord. For enterprise customers, we provide private Slack channels & are available to help develop custom agents/adversaries/anything else you need through professional services.

The power of the platform, without the app

Operator's easy-to-use API allows you to drive everything from your environment. Leverage our core attack data/pre-built chains to fit your use case.


Adversary Emulation

Mimic known threats to your organization by combining threat intelligence and continuous red teaming to emulate attacks.


Defensive Training

Train yourself or your organization on real-world attacks using the first training platform integrated directly into an attack emulation platform. Perform attacks and learn how to stop them.


Desktop Application

Prelude takes care of the complexity behind the scenes and delivers Operator as the first desktop application in autonomous red-teaming. Simple design and free to use, download it here.


Continuously Updating

New TTPs and training content added every week (and sometimes, daily). Stay up-to-date, automatically. Threat intelligence, adversary creation, TTPs and training content all updated within the desktop app.