Field-Ready Command Hub: RTFMv2 CLI Comes of Age

[ 2025.09.14 ]

TAGS: #release #community #rtfmv2 #CLI

Field-Ready Command Hub: RTFMv2 CLI Comes of Age — CLICK_IMAGE_FOR_FULL_VIEW

RTFMv2’s console is stepping out of the shadows with the kind of flourish you’d expect from a tool that was built by operators for operators: an emerald ASCII banner, a license challenge, and then a ready queue of commands that can be fired from the REPL, scripted in batch, or piped in over WebSockets. Below is the briefing operators are already sharing around the war room.
RTFMv2 CLI is fundamentally session-first. Spin up a workspace with new --name --host --pass, or bring an encrypted archive back online with load --dir --pass. Every session includes host ranges, service inventories, and loot, so the list session and hostinfo --host commands double as instant situational awareness—no more digging through SQLite by hand. Once you’ve enumerated, save locks the session back into its .rtfm2 vault for handoff between shifts.
Execution is where the CLI earns its green badge. run --command pulls curated tradecraft from the RTFM catalog and executes it without polluting history, while run --custom "whatever" gives you a scratch pad for one-off shell work that still logs into the session timeline. Larger engagements lean on RunScript --filePath playbook.rtfm2, which replays an entire batch of commands line-by-line—perfect for repeating reconnaissance phases or regression-testing fixes. When improvisation is required, shell --shell drops you into a fully stateful OS shell; remote users can even keep the shell alive via --session-id and send single commands with --cmd for living-off-the-land operations through the WebSocket server.
Automation and outreach round out the story. list plugins, list templates, and list lua expose everything that’s been hot-loaded: native options, .NET plugin DLLs, and Lua scripts from the Plugins/Lua folder. The plugins --dir load command lets field teams register new modules on the fly, while Lua authors can publish new verbs, completions, and options without recompiling the CLI. Template operators pick their prebuilt attack with template --ip/--hostname [--port], letting the tool bind the script to any host already stored in the session’s inventory.
For remote crews, server --start --port 5001 brings up the TLS WebSocket broker, issuing its own certificates and tracking every connected operator so list connections shows who’s online. Launching the console with the nodered argument kicks off a Node-RED process and a tiny WebSocket relay: dashboards can push CLI payloads straight into the parser, and responses stream back with secrets like --pass already masked. Even loot retrieval is covered—file --copy loot.zip hands remote clients whatever the server has stashed in its loot directory.