In Development

INQUISITOR

Offensive security for the air-gapped DoD

An integrated offensive security platform for classified DoD environments. Designed to operate inside air-gapped enclaves at DoD Impact Level 6 and above, with end-to-end FIPS 140-3 cryptography and zero external network dependency.

Stay Informed

Get cybersecurity compliance updates, CMMC news, and security insights delivered to your inbox.

We will only email you when INQUISITOR is generally available. No spam, ever.

Capabilities

What INQUISITOR Delivers

Reconnaissance, scanning, and (in later phases) exploitation and offline threat intelligence — unified behind a typed TypeScript gateway and an isolated Python engine.

Shipping

TCP Network Reconnaissance

nmap-based TCP service discovery delivered through the Python scanning engine, returning structured host and port results to the TypeScript gateway.

Shipping

TypeScript API Gateway

Express 5 + TypeScript gateway is the sole public surface. Every inbound request is validated against a Zod schema at the boundary.

Shipping

Localhost-Only Python Engine

FastAPI engine is bound to the loopback interface with no outward API, no direct database access, and Pydantic models on every request.

In Development

CAC/PIV + WebAuthn + TOTP

JWT session issuance with CAC/PIV, WebAuthn/FIDO2, and TOTP second factors. Individual factors come online as their phases complete.

In Development

Operator-Tier RBAC

Five-tier role hierarchy (SUPER_ADMIN, ADMIN, OPERATOR, ANALYST, VIEWER) with a dedicated OPERATOR role for red-team workflows. Enforcement lands as the auth phase completes.

In Development

Exploitation & Offline Intel

Web app scanning (nikto), protocol-level exploitation (impacket), packet crafting (scapy), and offline-only threat intelligence ingest.

Why INQUISITOR

Built for Classified Operations

Architected from the first commit for the constraints and trust boundaries of classified enclaves.

Designed for IL6 From Day One

Trust boundaries, FIPS posture, and air-gap constraints were architectural requirements at project inception — not retrofitted onto a commercial product.

Zero External Network Calls

No outbound internet requests. All threat intelligence, vulnerability data, and updates are imported from signed offline packages.

Complements RAVEN

Run RAVEN for defensive RMF work and INQUISITOR for offensive assessments with one vendor, one FIPS posture, one deployment model.

Roadmap

Phased Delivery

INQUISITOR is delivered under a phase-based plan. TCP reconnaissance ships today; the remaining modules follow.

TCP recon (nmap)Shipping
TypeScript gateway + ZodShipping
Python engine on localhostShipping
Organization-scoped multi-tenancyPlanned
CAC/PIV + WebAuthn + TOTP authPlanned
Operator-tier RBAC enforcementPlanned
Web application scanning (nikto)Planned
Protocol-level exploitation (impacket)Planned
Packet crafting & analysis (scapy)Planned
Offline threat intelligence ingestPlanned

Evaluate INQUISITOR

INQUISITOR is in active development. Contact us to discuss deployment in your SCIF or classified enclave, or sign up to be notified at GA.

Contact UsGet Notified