-
Notifications
You must be signed in to change notification settings - Fork 389
Getting Started
For installation instructions, environment setup, build commands, and first launch, see the README.md in the main repository.
RedAmon is fully Dockerized and runs on Linux, macOS, and Windows. A few platform-specific notes before you install:
The reference platform. Native Docker Engine is supported and recommended. Make sure your user is in the docker group (sudo usermod -aG docker $USER, then log out and back in).
- Install Docker Desktop:
Or download it from docker.com.
brew install --cask docker
- Open Docker Desktop from Applications and wait for the whale icon in the menu bar to stop animating before running any
redamon.shcommand. - Raise the Memory allocation: Docker Desktop → Settings → Resources → Memory. Set it to at least 4 GB (or 8 GB if you plan to install with
--gvm). The Docker Desktop default has historically been 2 GB, which is below RedAmon's minimum. - Clone the repo under your home directory (
~/redamon). Docker Desktop's File Sharing allowlist covers/Users,/Volumes,/private, and/tmpby default. Custom paths must be added under Settings → Resources → File Sharing. - Apple Silicon is supported. All in-tree images publish
linux/arm64manifests, and the recon entrypoint automatically falls back tolinux/amd64emulation for the few third-party images that don't.
Known limitation: SYN-based scanners (naabu, masscan) used in spawned recon containers run inside Docker Desktop's LinuxKit VM, not on the Mac's host network. This is fine for internet targets but means the Mac's local LAN is invisible to those scans. If you need LAN scanning, run RedAmon on a Linux host.
If you hit something not listed here, see the Troubleshooting page.
Use Docker Desktop with the WSL2 backend enabled, and run ./redamon.sh from inside a WSL2 distro (Ubuntu is the most-tested). Clone the repo into the WSL2 filesystem (~/redamon), not under /mnt/c/, or you will see severely degraded bind-mount performance.
Once RedAmon is running at http://localhost:3000:
- Create a user — set up your identity
- Create a project — configure your target and scan parameters
- Explore the Red Zone — understand the main interface
- Run your first reconnaissance — scan a target
Getting Started
Core Workflow
- Red Zone
- Recon Pipeline Workflow
- Running Reconnaissance
- AI Agent Guide
- Fireteam — Parallel Specialists
- Reverse Shells
Scanning & OSINT
- JS Reconnaissance
- GraphQL Security Testing
- Subdomain Takeover Detection
- VHost & SNI Enumeration
- GVM Vulnerability Scanning
- GitHub Secret Hunting
- TruffleHog Secret Scanning
AI & Automation
- AI Model Providers
- MCP Tool Plugins
- Knowledge Base & Web Search
- Agent Skills
- Chat Skills
- Tradecraft Lookup
- Playwright Browser Automation
- CypherFix — Automated Remediation
- Rules of Engagement (RoE)
HackLab
Analysis & Reporting
- Insights Dashboard
- Pentest Reports
- Attack Surface Graph
- Surface Shaper
- EvoGraph — Attack Chain Evolution
- Data Export & Import
Contributing
Reference & Help