Skip to content

OPEN SOURCE

Open by default.

A tool that runs offense on your systems is a tool you have to trust completely. The only honest way to earn that trust is to let you read every line. So Riposte is open source, top to bottom.

THE TERMS

What open source means here.

Apache-2.0

A permissive license.

Use it, fork it, ship it inside your own work. No copyleft surprise, no per-seat gate, no asterisk.

No telemetry

It phones no one.

There is no analytics, no beacon, no usage ping. What it learns about your targets stays on your machine.

Runs offline

Airgap-friendly.

The demo and the core loop run with no network and no account, so you can vet it fully before it touches anything.

Read every line

Nothing is hidden.

The whole operator, scope checks and gates included, is on GitHub. A security tool you cannot audit is one you have to trust blind.

WHY

Security you can inspect.

Closed security tooling asks you to trust a black box with your infrastructure. Riposte takes the opposite bet. Every scope check, every gate, and every line the operator runs is in the open, so a reviewer can see exactly what it will and will not do before it does anything at all.

Open also means it outlives any one company. You can run it on your own terms, keep it on an airgapped host, and change it to fit how your team works.

PRE-ALPHA

Riposte is early and honest about it. Some capabilities are wired and some are still gated in the code. Nothing on this site is faked, and the roadmap is public. If it is not ready, the repository says so.

pre-alpha . apache-2.0 . no telemetry . runs offline