Merge pull request #28 from initstring/codex/rename-platform-to-red-team-assessment-platform

Rename platform to Red Team Assessment Platform

Author: initstring

.env.example

@@ -2,7 +2,7 @@
 
 # Prisma
 DATABASE_URL="file:db.sqlite" # relative path uses prisma/ in dev builds
-# For Postgres in production, set DATABASE_URL="postgresql://USER:PASSWORD@HOST:PORT/ttpx"
+# For Postgres in production, set DATABASE_URL="postgresql://USER:PASSWORD@HOST:PORT/rtap"
 
 # Initial User Creation
 INITIAL_ADMIN_EMAIL="admin@example.com"

README.md

@@ -1,8 +1,8 @@
-# TTPx
+# Red Team Assessment Platform (RTAP)
 
 _This is an experiment in creating something useful with AI coding agents. The initial version was made with Claude Code, but it has since been largely re-written by GPT-5 Codex. It is a personal hobby project, with no commitments and no promises._
 
-TTPx is a platform for internal Red Teams to plan and analyze their operations. The features and functionality are designed with their specific needs in mind, such as:
+The Red Team Assessment Platform (RTAP) is built for internal Red Teams to plan and analyze their operations. The features and functionality are designed with their specific needs in mind, such as:
 
 - Integrating the concept of threat actors and crown jewels into all operations - who is being emulated, what is being targeted, and how is that trending over time?
 - Producing visually appealing artifacts from individual operations, such as attack heatmaps and interactive flow charts that allow the operator to design meaningful attack narratives.

deploy/docker/.env.example

@@ -1,29 +1,29 @@
 # Web app
-TTPX_PORT=3000
-TTPX_DATABASE_URL=postgresql://${TTPX_POSTGRES_USER}:${TTPX_POSTGRES_PASSWORD}@${TTPX_POSTGRES_HOST}:${TTPX_POSTGRES_PORT}/${TTPX_POSTGRES_DB}
+RTAP_PORT=3000
+RTAP_DATABASE_URL=postgresql://${RTAP_POSTGRES_USER}:${RTAP_POSTGRES_PASSWORD}@${RTAP_POSTGRES_HOST}:${RTAP_POSTGRES_PORT}/${RTAP_POSTGRES_DB}
 
 # Full base URL where the app will be reachable (include http:// or https://).
 # Cookies are sent over HTTPS only when this starts with https://.
-# If you put a TLS-terminating proxy in front of ttpx-web, use its public URL.
-TTPX_AUTH_URL=http://localhost:3000
+# If you put a TLS-terminating proxy in front of rtap-web, use its public URL.
+RTAP_AUTH_URL=http://localhost:3000
 
 # Secure values: generate with `openssl rand -base64 32`
-TTPX_AUTH_SECRET=REPLACE_WITH_A_SECURE_RANDOM_VALUE
-TTPX_INITIAL_ADMIN_EMAIL=admin@example.com
+RTAP_AUTH_SECRET=REPLACE_WITH_A_SECURE_RANDOM_VALUE
+RTAP_INITIAL_ADMIN_EMAIL=admin@example.com
 
 # Optional SSO
 # Toggle passkey provider (default enabled)
-TTPX_AUTH_PASSKEYS_ENABLED=true
+RTAP_AUTH_PASSKEYS_ENABLED=true
 # Register Google provider when present (optional)
-#TTPX_GOOGLE_CLIENT_ID=
-#TTPX_GOOGLE_CLIENT_SECRET=
+#RTAP_GOOGLE_CLIENT_ID=
+#RTAP_GOOGLE_CLIENT_SECRET=
 
 # Optional: logging level (default: debug in dev, info in prod)
-#TTPX_LOG_LEVEL=info
+#RTAP_LOG_LEVEL=info
 
 # Postgres
-TTPX_POSTGRES_HOST=ttpx-postgres
-TTPX_POSTGRES_PORT="5432"
-TTPX_POSTGRES_USER=postgres
-TTPX_POSTGRES_PASSWORD=CHANGE_ME
-TTPX_POSTGRES_DB=ttpx
+RTAP_POSTGRES_HOST=rtap-postgres
+RTAP_POSTGRES_PORT="5432"
+RTAP_POSTGRES_USER=postgres
+RTAP_POSTGRES_PASSWORD=CHANGE_ME
+RTAP_POSTGRES_DB=rtap

deploy/docker/docker-compose.yml

@@ -1,37 +1,37 @@
 services:
-  ttpx-postgres:
+  rtap-postgres:
     image: postgres:16-alpine
-    container_name: ttpx-postgres
+    container_name: rtap-postgres
     environment:
-      POSTGRES_USER: ${TTPX_POSTGRES_USER}
-      POSTGRES_PASSWORD: ${TTPX_POSTGRES_PASSWORD}
-      POSTGRES_DB: ${TTPX_POSTGRES_DB}
+      POSTGRES_USER: ${RTAP_POSTGRES_USER}
+      POSTGRES_PASSWORD: ${RTAP_POSTGRES_PASSWORD}
+      POSTGRES_DB: ${RTAP_POSTGRES_DB}
     volumes:
-      - ttpx-postgres-data:/var/lib/postgresql/data
+      - rtap-postgres-data:/var/lib/postgresql/data
     restart: unless-stopped
 
-  ttpx-web:
-    image: ghcr.io/initstring/ttpx:v0.2.2
-    container_name: ttpx-web
+  rtap-web:
+    image: ghcr.io/initstring/rtap:v0.2.2
+    container_name: rtap-web
     depends_on:
-      - ttpx-postgres
+      - rtap-postgres
     environment:
       NODE_ENV: production
-      PORT: ${TTPX_PORT}
-      DATABASE_URL: ${TTPX_DATABASE_URL}
-      AUTH_URL: ${TTPX_AUTH_URL}
-      AUTH_SECRET: ${TTPX_AUTH_SECRET}
-      INITIAL_ADMIN_EMAIL: ${TTPX_INITIAL_ADMIN_EMAIL}
-      AUTH_PASSKEYS_ENABLED: ${TTPX_AUTH_PASSKEYS_ENABLED}
-      GOOGLE_CLIENT_ID: ${TTPX_GOOGLE_CLIENT_ID}
-      GOOGLE_CLIENT_SECRET: ${TTPX_GOOGLE_CLIENT_SECRET}
+      PORT: ${RTAP_PORT}
+      DATABASE_URL: ${RTAP_DATABASE_URL}
+      AUTH_URL: ${RTAP_AUTH_URL}
+      AUTH_SECRET: ${RTAP_AUTH_SECRET}
+      INITIAL_ADMIN_EMAIL: ${RTAP_INITIAL_ADMIN_EMAIL}
+      AUTH_PASSKEYS_ENABLED: ${RTAP_AUTH_PASSKEYS_ENABLED}
+      GOOGLE_CLIENT_ID: ${RTAP_GOOGLE_CLIENT_ID}
+      GOOGLE_CLIENT_SECRET: ${RTAP_GOOGLE_CLIENT_SECRET}
     ports:
-      - "${TTPX_PORT}:${TTPX_PORT}"
+      - "${RTAP_PORT}:${RTAP_PORT}"
     restart: unless-stopped
 
 # If you need TLS, place your own reverse proxy (e.g., Traefik, Caddy, Nginx)
-# in front of ttpx-web and forward port 80/443 to ${PORT}.
+# in front of rtap-web and forward port 80/443 to ${PORT}.
 
 volumes:
-  ttpx-postgres-data:
-    name: ttpx-postgres-data
+  rtap-postgres-data:
+    name: rtap-postgres-data

docs/dev/DESIGN.md

@@ -1,6 +1,6 @@
-# TTPx Design (Current)
+# Red Team Assessment Platform Design (Current)
 
-A concise, accurate description of how TTPx works today.
+A concise, accurate description of how RTAP works today.
 
 ## Purpose
 

docs/dev/STYLE.md

@@ -1,4 +1,4 @@
-TTPx UI Style Guide
+RTAP UI Style Guide
 
 Structure and Naming (source of truth)
 

docs/getting-started.md

@@ -1,4 +1,4 @@
-# Getting Started with TTPx
+# Getting Started with the Red Team Assessment Platform (RTAP)
 
 This guide walks through the first workflow after you launch the application. Follow the steps in order so operations have the context they need for accurate analytics. The README already covers installing dependencies and starting the app.
 
@@ -28,7 +28,7 @@ This guide walks through the first workflow after you launch the application. Fo
   - Operator: Read/Write access to operations, view analytics, cannot access settings
   - Viewer: Read access to operations and analytics, cannot access settings
 - Create groups under Settings -> Groups if you plan to restrict operations to specific teams.
-- When SSO is enabled, every user still needs to exist in TTPx ahead of time with the correct role and group membership.
+- When SSO is enabled, every user still needs to exist in RTAP ahead of time with the correct role and group membership.
 
 ## 3. Create an Operation
 

docs/installation.md

@@ -1,6 +1,6 @@
 # Installation
 
-Follow these instructions to set up TTPx in local development or production environments.
+Follow these instructions to set up the Red Team Assessment Platform (RTAP) in local development or production environments.
 
 ## Local Development (Non-Docker)
 
@@ -39,12 +39,15 @@ cp .env.example .env
 docker compose up -d
 
 # Optionally - seed demo taxonomy/operation data (FOR DEMO PURPOSES ONLY)
-docker exec ttpx-web npx tsx scripts/demo-data.ts
+docker exec rtap-web npx tsx scripts/demo-data.ts
 
 # If not using SSO, generate 1-time login URL to set up your first passkey
-docker exec ttpx-web npm run generate-admin-login
+docker exec rtap-web npm run generate-admin-login
 ```
 
+Populate the `.env` file with the `RTAP_*` variables referenced in `docker-compose.yml` (port, database credentials, auth URL,
+and optional provider secrets) before starting the stack.
+
 ## Authentication
 
 ### How it Works

next.config.ts

@@ -3,8 +3,8 @@ import "./src/env";
 import type { NextConfig } from "next";
 
 const config: NextConfig = {
-  // Allow local dev tooling to talk to the dev server when using the ttpx.dev domain
-  allowedDevOrigins: ["ttpx.dev", "*.ttpx.dev"],
+  // Allow local dev tooling to talk to the dev server when using the rtap.dev domain
+  allowedDevOrigins: ["rtap.dev", "*.rtap.dev"],
 };
 
 export default config;