raptor

🥇Gold

Raptor transforms Claude Code into a versatile AI security agent, enabling offensive and defensive operations through rule creation and orchestration of security tools. It enhances adversarial thinking for effective research and security strategies.

1,6361240Updated 1w ago

Advanced15 minutes to implementai-agents

Saves ~240 min per use

Quick InstallView Source

claude install gadievron/raptor

Works with:

Claude

Overview

About This Skill

https://github.com/gadievron/raptor

How to Use

1. **Define the Scope:** Clearly outline the industry, rules, and security tools to simulate. Be specific about the attack vectors and defenses to test. 2. **Create the Agent:** Use Automa to set up the Raptor agent with the defined parameters. Ensure the agent can interact with the specified security tools. 3. **Run the Simulation:** Execute the agent and monitor its actions. Document each step, including any bypass attempts and user interactions. 4. **Analyze Results:** Review the simulation report to identify vulnerabilities and assess the effectiveness of current security measures. 5. **Implement Mitigations:** Based on the report, suggest and implement specific security improvements to address the identified weaknesses. **Tip:** Regularly update the simulation parameters to reflect new threats and security tools. Conduct simulations at least quarterly to stay ahead of evolving attack methods.

Use Cases

Conduct comprehensive penetration testing to identify vulnerabilities in applications.

Automate security assessments to ensure continuous compliance and risk management.

Simulate cyber attacks to evaluate the effectiveness of existing security measures.

Develop and implement defensive strategies based on real-time threat intelligence.

Setup & Installation

Quick Install

Terminal

claude install gadievron/raptor

Alternative Install (Git Clone)

git clone https://github.com/gadievron/raptor

Requirements

Claude Code or compatible AI agent
Works with: Claude
Advanced skill - requires experience with AI agents

Quick Start Guide

Install the Skill

Copy the install command above and run it in your terminal.

Open Your AI Agent

Launch Claude Code, Cursor, or your preferred AI coding agent.

Try It Out

Use the prompt template or examples below to test the skill.

Customize

Adapt the skill to your specific use case and workflow.

Usage Examples

Prompt Template

Create a Raptor agent to simulate a phishing campaign targeting [INDUSTRY] companies. Use the following rules: [RULES]. The agent should identify vulnerabilities in [SPECIFIC SECURITY TOOLS] and suggest mitigations. Provide a step-by-step report of the simulated attack and defense process.

Example Output

Raptor Agent Simulation Report

**Target Industry:** Healthcare
**Rules:** Simulate a spear-phishing campaign with a 72-hour window, targeting HR departments. Use social engineering tactics to bypass email filters.
**Security Tools:** Microsoft Defender for Office 365, KnowBe4

**Simulation Steps:**
1. **Reconnaissance:** Identified 15 target companies with publicly listed HR contacts. Gathered personal data from LinkedIn and company websites.
2. **Phishing Email Crafting:** Created personalized emails mimicking a benefits provider, with a malicious link to a fake login page.
3. **Bypass Attempts:** Tested email against Microsoft Defender filters. Initial emails were flagged, but slight modifications (e.g., changing the sender domain slightly) allowed some emails to bypass filters.
4. **User Interaction:** Simulated user clicks on the malicious link. Tracked engagement rates (25% opened emails, 12% clicked the link).
5. **Defense Evasion:** KnowBe4's security awareness training reduced click rates by 40% in trained employees compared to untrained ones.
6. **Mitigation Suggestions:** Recommend enabling multi-factor authentication (MFA) for all HR portals, increasing email filter sensitivity, and conducting quarterly phishing simulations for all employees.

**Conclusion:** The simulation revealed vulnerabilities in email filtering and user awareness. Implementing the suggested mitigations would significantly reduce the risk of successful phishing attacks.