gadievron/raptor

Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we configure the agent for adversarial thinking, and perform research or attack/defense operations.

1K stars · 121 forks · Updated Jan 23, 2026
npx skills add gadievron/raptor

README

╔═══════════════════════════════════════════════════════════════════════════╗ 
║                                                                           ║
║             ██████╗  █████╗ ██████╗ ████████╗ ██████╗ ██████╗             ║ 
║             ██╔══██╗██╔══██╗██╔══██╗╚══██╔══╝██╔═══██╗██╔══██╗            ║ 
║             ██████╔╝███████║██████╔╝   ██║   ██║   ██║██████╔╝            ║ 
║             ██╔══██╗██╔══██║██╔═══╝    ██║   ██║   ██║██╔══██╗            ║ 
║             ██║  ██║██║  ██║██║        ██║   ╚██████╔╝██║  ██║            ║ 
║             ╚═╝  ╚═╝╚═╝  ╚═╝╚═╝        ╚═╝    ╚═════╝ ╚═╝  ╚═╝            ║ 
║                                                                           ║ 
║             Autonomous Offensive/Defensive Research Framework             ║
║             Based on Claude Code - v1.0-alpha                             ║
║                                                                           ║ 
║             By Gadi Evron, Daniel Cuthbert                                ║
║                Thomas Dullien (Halvar Flake) & Michael Bargury            ║ 
║                                                                           ║ 
╚═══════════════════════════════════════════════════════════════════════════╝ 

⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⣤⣤⣀⣀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣾⣿⣿⠿⠿⠟
⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⣀⣀⣀⣀⣀⣤⣴⣶⣶⣶⣤⣿⡿⠁⠀⠀⠀
⣀⠤⠴⠒⠒⠛⠛⠛⠛⠛⠿⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠟⠁⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠛⣿⣿⣿⡟⠻⢿⡀⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣾⢿⣿⠟⠀⠸⣊⡽⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⡇⣿⡁⠀⠀⠀⠉⠁⠀⠀⠀⠀⠀
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⠿⣿⣧⠀ Get them bugs.....⠀⠀⠀⠀⠀⠀⠀⠀
                                                 

RAPTOR - Autonomous Offensive/Defensive Security Research Framework, based on Claude Code

Authors: Gadi Evron, Daniel Cuthbert, Thomas Dullien (Halvar Flake), and Michael Bargury (@gadievron, @danielcuthbert, @thomasdullien, @mbrg)

License: MIT (see LICENSE file)

Repository: https://github.com/gadievron/raptor

Dependencies: See DEPENDENCIES.md for external tools and licenses


What is RAPTOR?

RAPTOR is an autonomous offensive/defensive security research framework, based on Claude Code. It empowers security research with agentic workflows and automation.

RAPTOR stands for Recursive Autonomous Penetration Testing and Observation Robot. (We really wanted to name it RAPTOR.)

RAPTOR autonomously:

  1. Scans your code with Semgrep and CodeQL and tries dataflow validation
  2. Fuzzes your binaries with American Fuzzy Lop (AFL)
  3. Analyses vulnerabilities using advanced LLM reasoning
  4. Exploits by generating proof-of-concepts
  5. Patches with code to fix vulnerabilities
  6. FFmpeg-specific patching for Google's recent disclosure (https://news.ycombinator.com/item?id=45891016)
  7. OSS Forensics for evidence-backed GitHub repository investigations
  8. Agentic Skills Engine for security research & operations (SecOpsAgentKit)
  9. Offensive Security Testing via autonomous specialist agent with SecOpsAgentKit
  10. Cost Management with budget enforcement, real-time tracking, and quota detection
  11. Reports everything in structured formats

RAPTOR combines traditional security tools with agentic automation and analysis, deeply understands your code, proves exploitability, and proposes patches.

Disclaimer: It's a quick hack, and we can't live without it: We're proud of RAPTOR (and some of our tools are beyond useful), but RAPTOR itself was hacked together in free time, held together by vibe coding and duct tape. Consider it an early release.

What will make RAPTOR truly transformative is community contributions. It's open source, modular, and extensible.

Be warned: Unless you use the devcontainer, RAPTOR will automatically install tools without asking. Check dependencies.txt first.


What's unique about RAPTOR?

Beyond RAPTOR's potential for autonomous security research and community collaboration, it demonstrates how Claude Code can be adapted for any purpose, with RAPTOR packages.

Recent improvements:

  • LiteLLM Integration: Unified LLM interface with Pydantic validation, smart model selection, and cost tracking
  • SecOpsAgentKit: Offensive security specialist agent with comprehensive penetration testing capabilities
  • Cost Management: Budget enforcement, real-time callbacks, and intelligent quota detection
  • Enhanced Reliability: Multiple bug fixes improving robustness across CodeQL, static analysis, and LLM providers

OSS Forensics Investigation

RAPTOR now includes comprehensive GitHub forensics capabilities via the /oss-forensics command:

New Capabilities:

  • **Evidence Colle

...

Publisher

gadievron

Statistics

Stars: 1K
Forks: 121
Open Issues: 13
License: MIT License
Created: Oct 17, 2025