Skip to content

Getting Started

Getting Started with OctoPwn

Whether you're here for a quick demo, wish to explore a bit further, or want to dive deep into our advanced functionalities, we're thrilled to have you on board. Below you'll find a step-by-step guide to help you navigate through the initial stages of using OctoPwn.

OctoPwn consists of two components.

  1. A web gui client available at live.octopwn.com containing all the pentesting tools in your browser. Login with your your OctoPwn Credentials or choose the free Community version.

  2. A WebSocket-to-TCP translation client which will run on a host in the attack target's network. For getting started it is assumed that both will run on the same computer on Windows. You can download the client for your system as needed.

  1. Get the lastest release of the python wsnet client for your operating system.

https://github.com/octopwn/wsnet/releases/latest

  1. Run the wsnet client.
  2. Windows: wsserver_windows.exe
  3. Linux: wsnet-wssserver

https://github.com/octopwn/wsnet-go/releases/latest
https://github.com/octopwn/wsnet/releases/latest

https://github.com/octopwn/wsnet-dotnet/releases/latest

User Onboarding

Types of Users:

  • Unregistered, Community Users: Explore basic operations with our community edition at live.octopwn.com without the need to register.

  • Paid Users: Access the full suite of tools and plugins for an extensive experience. You can choose from Starter, Pro or Enterprise licenses. For a detailed feature comparison, see our website here.

System Requirements

  • Recommended browser: Any Chromium-based browser. Google Chrome for the best UI experience. Firefox and Edge are also supported with some UI variations.
  • Memory: A system with at least 8GB of RAM to accommodate result storage in memory.
  • Extensions: No additional browser extensions or plugins are needed.
  • A detailed guide on how to navigate through OctoPwn's user interface will be provided in a separate document.

Core Functionalities

Plugin Management

  • Automatic Delivery: No manual installation needed, as plugins will be delivered automatically to users.

Security Practices

For users utilizing the live system on live.octopwn.com:

  1. Establish a certificate for the WSNET proxy.

Warning

IMPORTANT: If you loaded the live version of OctoPwn via https, you can only connect to wsnet proxy over secure TLS connection, unless it's listening on localhost. But even in the latter case, you MUST use ws://localhost:port, not the IP.

If you are operating OctoPwn from your system:

  • Do not forget to remove the session file upon completion of use.

And if you’ve downloaded the private key and certificates for your license, ensure:

  • Secure storage, akin to how you would manage a license file.
  • Never share these credentials.

Warning

IMPORTANT: If you are using Octopwn on a third party system, please make sure after you have finished working on that system to fully remove Octopwn from all computer devices on that system including temporary storages (e.g. browser cache) as per our EULA.

User Management

If you have purchased multiple licenses, you can assign one unassigned license to a user by inviting them from your account page on our website.

  1. Click on the chosen license on the "Assign license user" button you want to assign.
  2. Enter the email address of the invited person.
  3. The invited person will get an email shortly where they can set up an account and the license will get assigned and can be used immediately.

Please note:

  • License validity starts for the date of purchase and not the date of assignment.
  • License owners can be changed in the same way every 30 days in case a colleague leaves or do not with to use the license anymore.

Support and Help

If you cannot find the answer you are looking for in this documentation site, please feel free to:

  1. Write us an email to support at octopwn dot com.
  2. Contact us through the website at https://octopwn.com/support.
  3. Ask your question on our Discord support channel.

Additional Tips and Tricks

Stay tuned! We’ll be curating and sharing tips to optimize your usage and best practices for efficient utilization of OctoPwn.

Troubleshooting and FAQs

  • Coming soon.

We're delighted to welcome you to OctoPwn and are dedicated to offering you a seamless experience. Should you encounter any issues or have further inquiries, please do not hesitate to reach out and all additional documentation are here to guide you through your journey.

Happy pwning!