BHD Ops is a structured workflow platform for penetration testers and OT/ICS consultants. Manage engagements, analyze evidence with AI, and deliver findings — from the office or the field.
Built internally for our own assessments. Now available to vetted practitioners.
Note-taking apps miss context. Generic AI wrappers miss structure. Reporting tools miss the field. BHD Ops covers the full workflow.
Every AI conversation is scoped to a specific engagement. Context doesn't bleed between clients. The AI knows what phase you're in and what's already been found.
Camera capture for HMI evidence. Voice input when you can't type. Mobile-first layout that works on-site, not just at a desk. Built by practitioners who work in industrial environments.
Bring your own Anthropic, OpenAI, or local Ollama credentials. Keys are encrypted at rest and never returned to the browser. Run fully air-gapped if your environment requires it.
Log findings with severity, evidence, and recommendations as you work. Export structured PDF or Markdown reports when the engagement closes. Not a dump — a deliverable.
From scoping through report delivery — without context switching to a dozen separate tools.
Discrete engagements with client details, test type, scope, and phase tracking. Each engagement is isolated — history, findings, and artifacts stay contained.
Upload Nmap XML, scan output, or raw text. Drag in screenshots or capture from your phone camera. The AI analyzes in context — not as a generic chatbot.
Embedded PTY terminal over WebSocket. Run commands, browse output, and pipe results into AI analysis without leaving the platform.
Whisper-powered voice transcription for hands-free field documentation. Phone camera capture for visual evidence — HMI screens, physical access points, network diagrams.
AI-drafted reports in PDF and Markdown, structured by phase and scoped to findings. A real starting point for client deliverables — not a data export.
Route to Claude, GPT-4, or local Ollama with automatic fallback. Bring your own keys. Switch providers mid-engagement without losing context.
If you run structured engagements, produce client deliverables, and need your tools to keep up with how assessments actually happen — this is for you.
Built from real industrial assessments. Camera evidence, voice capture, and structured phase tracking designed for environments where standard tools fall short.
Manage multiple concurrent engagements, stay organized across phases, and produce polished deliverables without juggling three separate tools.
A force multiplier for small teams. Consistent engagement structure, reduced documentation overhead, and faster report turnaround across consultants.
Self-hosted deployment with local Ollama models. No third-party SaaS in the loop. Fully air-gapped operation available for environments that require it.
Here is what is actually true about how BHD Ops handles sensitive data — stated plainly, without marketing language.
Provider API keys are encrypted at rest using Fernet symmetric encryption. Raw keys are never returned to the frontend — not even partially.
All endpoints require a signed JWT. Tokens expire on schedule. Any 401 invalidates the session client-side immediately.
Let's Encrypt TLS, Nginx termination, Cloudflare Full (Strict) SSL mode. Traffic is encrypted end-to-end — including between Cloudflare and origin.
Messages, findings, and artifacts are scoped per engagement and per user. Cross-engagement data access is not permitted by the data model.
AI output is a draft input to analyst judgment — not a decision. Findings require human review before they appear in any deliverable. The platform assists. It does not replace the analyst.
Self-hosted deployment with local Ollama models removes all external AI API dependencies. No client data leaves your infrastructure if you deploy this way.
Built because nothing else covered the full workflow. We needed engagement management, AI-assisted analysis, structured findings, and field-ready mobile access in one place — and it didn't exist. BHD Ops was built internally for our own assessments at Black Hat Defense LLC. After using it across real engagements, we made it available to other practitioners who need the same thing.
Black Hat Defense LLC — Penetration Testing & OT/ICS/SCADA Security Consulting
Access is granted to consulting clients, vetted practitioners, and design partners. If you run real engagements and want to evaluate the platform, reach out directly. We will respond.
Existing users: sign in here