The kit you bring to authorized engagements
HID hardware, OSINT, Proxy, firmware, and the Companion app — sold separately, designed to compose. Hand-built in Germany, runs offline, no subscriptions on the core.
Five steps of an authorized engagement
Same shape every engagement. Tools change, scope changes, scope-letter changes — the workflow doesn’t.
Recon
Pull the public picture before you touch the target. Build an investigation profile you can hand to an analyst.
OSINT · Proxy
Plan
Convert recon into authorized scope. Write the script library you'll use day-of in the Companion app.
Companion · Profiles
Execute
HID handles the physical-access leg, OSINT runs intelligence, Proxy chains the network leg. Offline-capable.
Ghost · Mini · Firmware
Validate
Chain leak checks, confirm exposure, verify findings against scope. Cross-tool pivots in the same profile.
Proxy · OSINT
Hand off
Investigation profile exports to PDF. Procurement-friendly EULA addendum and authorized-testing template ride along.
PDF export
The professional kit
Most freelance pentesters and small red teams end up with the same combination.
What you actually buy
Three things that hold across every product in the kit.
Tools you own
One purchase, lifetime updates, no cloud account that has to be alive for the device to work. Same kit in five years.
No-log by default
Customer operational data — testing activity, OSINT queries, payloads — never leaves your machine.
Procurement-ready
Plain-language EULA addendum, authorized-testing template, single-PO invoicing. No follow-up emails.
Ready for the next engagement?
Start with one device. Add what fits the next engagement. Same trust model at every scale.