diff --git a/installer/bin/clean.sh b/installer/bin/clean.sh index f396b70c..ce121d97 100755 --- a/installer/bin/clean.sh +++ b/installer/bin/clean.sh @@ -138,6 +138,14 @@ fuMAILONEY () { chown tpot:tpot /data/mailoney/ -R } +# Let's create a function to clean up and prepare rdpy data +fuRDPY () { + if [ "$myPERSISTENCE" != "on" ]; then rm -rf /data/rdpy/*; fi + mkdir -p /data/rdpy/log/ + chmod 760 /data/rdpy/ -R + chown tpot:tpot /data/rdpy/ -R +} + # Let's create a function to prepare spiderfoot db fuSPIDERFOOT () { mkdir -p /data/spiderfoot @@ -202,6 +210,7 @@ if [ "$myPERSISTENCE" = "on" ]; fuGLASTOPF fuHONEYTRAP fuMAILONEY + fuRDPY fuSPIDERFOOT fuSURICATA fuP0F diff --git a/installer/etc/tpot/compose/all.yml b/installer/etc/tpot/compose/all.yml index 9dfc9d2e..5b6a758d 100644 --- a/installer/etc/tpot/compose/all.yml +++ b/installer/etc/tpot/compose/all.yml @@ -11,6 +11,7 @@ networks: ewsposter_local: glastopf_local: mailoney_local: + rdpy_local: spiderfoot_local: ui-for-docker_local: vnclowpot_local: @@ -240,6 +241,18 @@ services: - /sys:/host/sys:ro - /var/run/docker.sock:/var/run/docker.sock +# Rdpy service + rdpy: + container_name: rdpy + restart: always + networks: + - rdpy_local + ports: + - "3389:3389" + image: "dtagdevsec/rdpy:1706" + volumes: + - /data/rdpy/log:/var/log/rdpy + # Spiderfoot service spiderfoot: container_name: spiderfoot diff --git a/installer/etc/tpot/compose/hp.yml b/installer/etc/tpot/compose/hp.yml index cbed3a4a..faaa2e67 100644 --- a/installer/etc/tpot/compose/hp.yml +++ b/installer/etc/tpot/compose/hp.yml @@ -9,6 +9,7 @@ networks: ewsposter_local: glastopf_local: mailoney_local: + rdpy_local: vnclowpot_local: services: 
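Review bot: In fuRDPY the lines `chmod 760 /data/rdpy/ -R` and `chown tpot:tpot /data/rdpy/ -R` place `-R` after the operand, which only works because GNU coreutils permutes arguments; it is rejected under POSIXLY_CORRECT and on BSD userlands. The file's existing functions use the same order (see the `chown tpot:tpot /data/mailoney/ -R` context line), so this is a consistency point rather than a defect, but new code could start the cleanup with `chmod -R 760 /data/rdpy/` and `chown -R tpot:tpot /data/rdpy/`. Note also that `rm -rf /data/rdpy/*` leaves dot-files behind unless dotglob is set, presumably acceptable for a log directory. fuSPIDERFOOT's body continues outside the hunk.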
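Review bot: The rdpy service block is pasted verbatim into all.yml, hp.yml (@@ -130) and tpot.yml (@@ -210), so the image tag `dtagdevsec/rdpy:1706`, the 3389 port mapping and the `/data/rdpy/log:/var/log/rdpy` mount now live in three places that must be bumped together; a tag bump that misses one file would run a different honeypot build per flavour without any error. If the compose format in use supports `extends` or a shared fragment, factoring the block out would remove that drift risk; otherwise a comment such as `# keep in sync with hp.yml and tpot.yml` above each copy is the minimum. The service publishes 3389 on all interfaces, which is the intent for a honeypot, but the block declares no `read_only` or `cap_drop` hardening — presumably consistent with the sibling services, whose full definitions are outside the hunk.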
@@ -130,6 +131,18 @@ services: volumes: - /data/mailoney/log:/opt/mailoney/logs +# Rdpy service + rdpy: + container_name: rdpy + restart: always + networks: + - rdpy_local + ports: + - "3389:3389" + image: "dtagdevsec/rdpy:1706" + volumes: + - /data/rdpy/log:/var/log/rdpy + # Vnclowpot service vnclowpot: container_name: vnclowpot diff --git a/installer/etc/tpot/compose/tpot.yml b/installer/etc/tpot/compose/tpot.yml index 6a985a5f..4f216464 100644 --- a/installer/etc/tpot/compose/tpot.yml +++ b/installer/etc/tpot/compose/tpot.yml @@ -9,6 +9,7 @@ networks: ewsposter_local: glastopf_local: mailoney_local: + rdpy_local: spiderfoot_local: ui-for-docker_local: vnclowpot_local: @@ -210,6 +211,18 @@ services: - /sys:/host/sys:ro - /var/run/docker.sock:/var/run/docker.sock +# Rdpy service + rdpy: + container_name: rdpy + restart: always + networks: + - rdpy_local + ports: + - "3389:3389" + image: "dtagdevsec/rdpy:1706" + volumes: + - /data/rdpy/log:/var/log/rdpy + # Spiderfoot service spiderfoot: container_name: spiderfoot diff --git a/installer/etc/tpot/elkbase.tgz b/installer/etc/tpot/elkbase.tgz index ba036377..5f40f18c 100644 Binary files a/installer/etc/tpot/elkbase.tgz and b/installer/etc/tpot/elkbase.tgz differ diff --git a/installer/etc/tpot/kibana-objects.tgz b/installer/etc/tpot/kibana-objects.tgz index 02241245..32b9ac0b 100644 Binary files a/installer/etc/tpot/kibana-objects.tgz and b/installer/etc/tpot/kibana-objects.tgz differ diff --git a/installer/etc/tpot/logrotate/logrotate.conf b/installer/etc/tpot/logrotate/logrotate.conf index 8a59a96b..85d889bb 100644 --- a/installer/etc/tpot/logrotate/logrotate.conf +++ b/installer/etc/tpot/logrotate/logrotate.conf @@ -22,6 +22,7 @@ /data/honeytrap/downloads.tgz /data/mailoney/log/commands.log /data/p0f/log/p0f.json +/data/rdpy/log/rdpy.log /data/suricata/log/*.log /data/suricata/log/*.json /data/vnclowpot/log/vnclowpot.log 
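Review bot: The new `/data/rdpy/log/rdpy.log` logrotate entry assumes the image writes a file of exactly that name into `/var/log/rdpy` (the compose mount added in this commit); nothing on the page confirms the filename, and if it differs the rdpy log is never rotated and grows unbounded on the host. Worth verifying against the image once, and recording the expectation next to the compose volume line, e.g. `# rotated by logrotate.conf as /data/rdpy/log/rdpy.log`.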
diff --git a/installer/etc/tpot/systemd/tpot.service b/installer/etc/tpot/systemd/tpot.service index 5f21ad22..7c4a43a5 100644 --- a/installer/etc/tpot/systemd/tpot.service +++ b/installer/etc/tpot/systemd/tpot.service @@ -34,7 +34,7 @@ ExecStartPre=/sbin/iptables -w -A INPUT -s 127.0.0.1 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -d 127.0.0.1 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 64295:64303,7634 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT -ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,5900,27017 -j ACCEPT +ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE @@ -49,7 +49,7 @@ ExecStopPost=/sbin/iptables -w -D INPUT -s 127.0.0.1 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -d 127.0.0.1 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 64295:64303,7634 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 20:23,25,42,69,80,135,443,445,1433,1723,1883,1900 -j ACCEPT -ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,5060,5061,5601,5900,27017 -j ACCEPT +ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 3306,3389,5060,5061,5601,5900,27017 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp -m multiport --dports 1025,50100,8080,8081,9200 -j ACCEPT ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE diff --git a/installer/install.sh b/installer/install.sh index 738b3033..68d1bf46 100755 --- a/installer/install.sh +++ b/installer/install.sh 
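Review bot: The 3389 addition is correctly made to both the ExecStartPre `-A` rule and the ExecStopPost `-D` rule in @@ -49, and that pairing is load-bearing: `iptables -D` only removes a rule whose match is byte-identical, so if the two port lists ever diverge the ACCEPT rule survives the stop and `-A` appends a duplicate on the next start. Nothing in the unit file ties the two lines together; a comment on each such as `# port list must match the corresponding ExecStopPost -D rule` would make the invariant visible to the next person adding a port.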
@@ -448,6 +448,7 @@ mkdir -p /data/conpot/log \
 /data/mailoney/log \
 /data/emobility/log \
 /data/ews/conf \
+ /data/rdpy/log \
 /data/spiderfoot \
 /data/suricata/log /home/tsec/.ssh/ \
 /data/p0f/log \