Operator console · mock engagement

Watch an engagement run. Green means go.

This is the Wedjat engine walking a fictional in-scope estate. A Suite of recon runners fires in sequence, each one scope-gated before it touches anything. Findings stream into the console as they land. Open any one to see its proof: the exact command, the evidence hash, and the verdict. Find it, prove it, hand it off.

This is a demo on mock data. Nothing here scans a real host. The target (acme-demo.example and its RFC 5737 documentation IPs) is fictional, the findings are scripted, and no packet leaves your browser. It shows how the engine works, it does not run a live assessment.

run WDJ-DEMO-0042 · engagement acme-demo · posture covert

seeds acme-demo.example, www.acme-demo.example

ready

Findings

0 total 0 action needed 0 attention

What you just watched

Every line above is a command, not a claim.

The engine does not hand you a risk score and a guess. It runs deterministic recon runners, records the exact argv and a hash of what it saw, and asserts a finding only when it can show the proof. The same evidence is what a report is built from, and what you can re-run yourself.

01 · Find

Scope-gated recon

Each runner checks the target against the sealed scope before it executes. Out of scope is refused without a packet sent. Discovered hosts become new targets, re-checked at every hop.

02 · Prove

Evidence, hashed

A finding carries the real argv, a sha256 of exactly what was stored, the tool version, and the box image. A replayer can verify it. No evidence reference, no finding.

03 · Hand off

Prove with a canary

To show a door opens we write our own marker and read it back, then drop it. We demonstrate access. We never read your data, never flood, never exploit. Detection only.

/* With JS off, the live console cannot stream. Hide the interactive console section entirely and show a complete, pre-rendered example run instead, so the page still demonstrates the engine without a half-built empty shell. */ #run { display: none !important; } .ns-static { display: block !important; }

run WDJ-DEMO-0042 · example output (no JavaScript)

seeds acme-demo.example

cve-exposure via cve-check Server version in a known-vulnerable range www.acme-demo.example Action needed

What this means: The Server header (nginx/1.14.0) falls inside the affected range for a published CVE. Detection only: a version string matched an intel record. No probe, no payload, no exploit. Verify and patch.

Evidence (replayable)

cve-check version-match http.header.Server nginx/1.14.0

sha256
cve2018ab16451abc9988776655443322110fedcba9876543210fedcba987654

verdict
affected_range >=1.10,<1.17 matched
http-header via http-surface Missing security headers https://www.acme-demo.example/ Attention

What this means: No Content-Security-Policy, no Strict-Transport-Security. A hardening gap, not an active break-in.

Evidence (replayable)

http-surface --method GET --connect-to 192.0.2.10:443 https://www.acme-demo.example/

verdict
missing: CSP, HSTS

Action needed

Example output. Enable JavaScript to watch the full nine-runner suite stream live.