%20by%20%E2%80%9ELisa%20Wischofsky%E2%80%9D%2C%20licensed%20under%20%E2%80%9ECC0%201.0%E2%80%9D%20(https%3A%2F%2Fcreativecommons.org%2Fpublicdomain%2Fzero%2F1.0%2F)%3C%2Fdc%3Arights%3E%3C%2Frdf%3ADescription%3E%3C%2Frdf%3ARDF%3E%3C%2Fmetadata%3E%3Cmask%20id%3D%22viewboxMask%22%3E%3Crect%20width%3D%22980%22%20height%3D%22980%22%20rx%3D%22490%22%20ry%3D%22490%22%20x%3D%220%22%20y%3D%220%22%20fill%3D%22%23fff%22%20%2F%3E%3C%2Fmask%3E%3Cg%20mask%3D%22url(%23viewboxMask)%22%3E%3Crect%20fill%3D%22url(%23backgroundLinear)%22%20width%3D%22980%22%20height%3D%22980%22%20x%3D%220%22%20y%3D%220%22%20%2F%3E%3Cdefs%3E%3ClinearGradient%20id%3D%22backgroundLinear%22%20gradientTransform%3D%22rotate(323%200.5%200.5)%22%3E%3Cstop%20stop-color%3D%22%23FFE4CC%22%2F%3E%3Cstop%20offset%3D%221%22%20stop-color%3D%22%23FFD7BA%22%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Cg%20transform%3D%22translate(10%20-60)%22%3E%3Cpath%20d%3D%22M269%20153c13-1%2027%201%2040%204%2017%205%2034%2011%2050%2020a91%2091%200%200%201%2044%2043h41l47-1a284%20284%200%200%201%20150%2043l22%2016%2022%2024a58%2058%200%200%201%208%2067c-2%204-7%206-11%203s-6-8-9-13l-16-26-10-23-35-1c-4%200-8-1-11-4l-14-10c-1%204-3%209-6%2012-3%204-9%200-13-1-22-4-44-6-67-6-24%200-47%203-71%206l-23%204-8-2-18-5%203%2017-1%2014c0%204-3%208-5%2012l-19%2037c-6%2017-12%2034-16%2052%200%202-1%204-3%205l-12%202c5%209%206%2020%205%2030-1%2012-3%2025-9%2036%207%209%209%2020%2010%2032%202%2019%200%2038-7%2055-2%205-5%2010-10%2012-1%201-4%201-4-1-2-3-2-7-2-11l-3-13-18-1c-8-2-16-7-21-14l-9-10a233%20233%200%200%201-28-159c6-39%2021-76%2044-107a330%20330%200%200%200-87%2053c-6-6-8-14-8-22%201-19%209-36%2021-51-19%2010-35%2022-51%2035-3%202-5%205-9%205l-7-10c-3-11%201-24%207-33%209-16%2025-29%2039-40%204-4%2010-8%2013-13%201-2%200-6-2-7l-9-3c-2-1-2-3%200-5%2012-13%2029-17%2045-22%2030-7%2061-9%2091-3-17-7-34-13-52-16h-11l1-2c3-3%208-4%2012-4Z%22%20fill%3D%22%23000000%22%2F%3E%3Cpath%20d%3D%22M528%20244c41%206%2080%2022%20113%2047%2028%2021%2050%2049%2065%2081%2013%2028%2020%2060%2019%2091-1%2015-3%2030-8%2044h-2l1-21c1-30-2-59-13-87-10-30-28-57-50-79-42-40-98-62-156-63a243%20243%200%200%200-196%2094%20207%20207%200%200%200-40%20139l2%2025c8%200%2019%200%2025%207l-3%203-17%201c-12%201-24%205-33%2013a64%2064%200%200%200-17%2039c-5%2032%2012%2065%2039%2083%2016%2010%2036%2015%2055%209%204-2%209-5%2014-3%203%201%204%204%205%207a251%20251%200%200%200%2090%20100c8%207%2018%2013%2028%2018%2018%208%2038%2014%2057%2019l32%208c5%201%209%201%2013%203l-4%201c-25%202-48-3-72-10-12-3-23-7-34-12a306%20306%200%200%201-84-63l2%2028c1%2017%200%2035-6%2052-4%2012-11%2024-19%2034-10%2010-22%2019-34%2026-10%207-21%2014-32%2018l-16%205%209-9%2031-20%2022-17a95%2095%200%200%200%2032-56c2-14%202-28%202-43v-27c-10-14-22-29-27-46-17%208-38%207-55-1-17-7-32-19-43-33-12-17-19-36-21-56s2-40%2015-56c9-10%2022-18%2035-21-4-14-6-29-6-44a234%20234%200%200%201%2083-173%20249%20249%200%200%201%20199-55Z%22%20fill%3D%22%23000%22%2F%3E%3Cpath%20d%3D%22M653%20320c22%2022%2040%2049%2050%2079%2011%2028%2014%2057%2013%2087l-1%2021-5%2015-2%2013%202%2056c0%2021%201%2042-1%2063l-3%2047c-2%2016-7%2031-14%2045-11%2018-26%2033-44%2044-13%208-27%2012-41%2016l-38%2011-17%203c0%201%201%202%203%202%208%205%2017%205%2026%204-3%207-4%2014-2%2022%203%207%2011%2011%2017%2014%2012%206%2024%207%2036%209%207%206%2014%2014%2016%2024%202%208%202%2016-2%2023-5%2010-14%2018-24%2023-13%208-27%2014-42%2018a468%20468%200%200%201-222-1c-17-4-33-9-48-17-12-6-23-13-32-22-5-7-9-14-10-23%2011-4%2022-11%2032-18%2012-7%2024-16%2034-26%208-10%2015-22%2019-34%206-17%207-35%206-52l-2-28%2022%2023c19%2015%2040%2030%2062%2040%2011%205%2022%209%2034%2012%2024%207%2047%2012%2072%2010l4-1c-4-2-8-2-13-3l-32-8c-19-5-39-11-57-19l-29-17c-11-9-23-17-33-27a251%20251%200%200%201-56-74c-1-3-2-6-5-7-5-2-10%201-14%203-19%206-39%201-55-9a88%2088%200%200%201-39-83c1-14%207-28%2017-39%209-8%2021-12%2033-13l17-1%203-3c-6-7-17-7-25-7l-2-25a207%20207%200%200%201%2040-139%20243%20243%200%200%201%20196-94c58%201%20114%2023%20156%2063Z%22%20fill%3D%22%23ffffff%22%2F%3E%3Cpath%20d%3D%22M710%20522c3%200%203%204%204%206%203%2011%204%2023%205%2034l2%2021c1%2022%202%2043%201%2065-1%2021-1%2044-5%2065a136%20136%200%200%201-80%2099c-15%207-31%2011-48%2013v15c1%203%203%204%205%206%2012%206%2023%208%2036%2011%2012%203%2024%205%2036%2011-3%203-7%204-11%204-7%201-15-1-23-1-12-2-24-3-36-9-6-3-14-7-17-14-2-8-1-15%202-22-9%201-18%201-26-4-2%200-3-1-3-2l17-3%2038-11c14-4%2028-8%2041-16%2018-11%2033-26%2044-44%207-14%2012-29%2014-45l3-47c2-21%201-42%201-63l-2-56%202-13ZM252%20549c8%200%2017%201%2023%207%205%204%2010%209%2012%2015%201%203%200%206-2%208l-13%208c-7%206-7%2019%200%2025%206%205%2014%208%2021%2011%202%200%205%201%206%203-1%202-3%203-5%203-10%200-20-3-28-9-5-3-8-8-9-13-2-8-2-17%204-24%204-6%2011-9%2018-12-4-5-7-11-14-13-7-3-15-3-22-5l9-4Z%22%20fill%3D%22%23000%22%2F%3E%3Cpath%20d%3D%22M490%20492c7%203%2013%208%2019%2013%206%206%2012%2013%2013%2022%200%202%201%205-2%206l-4-8c2%209-3%2020-12%2024-6%203-13%204-19%203-9-1-17-6-23-13-4-6-6-14-4-21%201-8%205-15%2011-19a90%2090%200%200%200-55%2014c-5%203-10%207-13%2012-2%203-5%205-9%205-6%200-10-7-8-12l8-11c12-10%2026-18%2041-22%2019-6%2040-2%2057%207ZM681%20484c6%202%2014%204%2017%209%204%206%201%2013-6%2014%202%208%202%2017-3%2024-7%209-23%2011-31%203-5-6-9-14-8-22%201-4%203-7%206-11-12%203-21%2011-28%2020-4%205-6%2010-9%2016l-5%201%201-6a90%2090%200%200%201%2039-43c8-5%2017-7%2027-5Z%22%20fill%3D%22%23000000%22%2F%3E%3Cpath%20d%3D%22M533%20358c6%202%209%208%2010%2014%200%208-3%2016-7%2022-3%203-7%204-10%201-4-3-2-10-2-15l-13%2010c-6%204-13%207-20%209-9%204-19%205-30%208l-25%208c-8%203-15%208-22%2012l-25%2017c-5%203-8%207-11%2012-2-4-1-8%201-11a401%20401%200%200%201%2035-29c16-13%2036-21%2055-28l28-11c8-4%2014-11%2021-16%205-2%2010-4%2015-3ZM626%20376l6%207c17%207%2033%207%2049%2016%204%202%207%206%209%2010s1%208-2%2012l-16-6c-12-6-24-7-36-11-7-3-14-4-19-10-4%208-4%2017-8%2026-1%201-1%204-4%203l-1-8%202-11c1-8%204-16%207-23%202-6%208-8%2013-5Z%22%20fill%3D%22%23000000%22%2F%3E%3Cpath%20d%3D%22M603%20613v1c-4%208-11%2015-20%2018-3%201-7%201-9-1v-4c7-5%2016-9%2024-12l5-2Z%22%20fill%3D%22%23000000%22%2F%3E%3Cpath%20fill-rule%3D%22evenodd%22%20clip-rule%3D%22evenodd%22%20d%3D%22M661%20646c3%203%206%208%207%2012%203%205%204%2011%203%2017l-4-5-1-2-10-15-1-1v-1c-1-2-2-3-1-5%202-2%204-1%207%200Zm-30%2025a40%2040%200%200%201%2029%2013c3%204%207%207%208%2010%202%204%202%208-2%2010-5%204-13%205-20%205a5207%205207%200%200%201-42%201l-28%203-18%201-10%202-19%201c1-3%202-4%205-5l5-6%204-3c7-7%2017-12%2026-17l2-1c10-5%2021-9%2031-11%2010-3%2019-4%2029-3Zm-6%2029c-1-7%201-14%204-20-11-1-22%200-32%203l-1%2011-1%207%2030-1Zm11-19%201%201%204%201c6%202%2011%207%2015%2012l3%203c-6%202-12%202-19%202h-10c4-6%206-12%206-19Zm-48%2020c-1-5%200-10%201-15a254%20254%200%200%200-43%2021c10-3%2021-4%2031-5l11-1Z%22%20fill%3D%22%23000000%22%2F%3E%3Cpath%20d%3D%22M690%20460h30c9%201%2017%201%2026%204%203%201%205%204%204%208-4%205-10%206-16%207v29c-2%2014-3%2029-8%2043-4%2011-15%2019-25%2023-8%203-17%205-25%206-11%201-22-1-33-2-6-1-12-1-17-4-6-4-12-10-15-17-2-6-5-12-6-19-1-10-2-21%200-31-12-2-24-4-36-1l-4%205-1%2011c-1%2012-2%2025-6%2036-3%209-9%2016-16%2022l-15%208c-24%207-48%2012-73%2011-16-1-33-4-47-12-13-7-25-18-32-31l-4-13-1-23v-21c-7-1-13%200-19-4-3-2-4-7-1-10%203-4%209-5%2014-7%2015-6%2029-8%2045-11l19-2c18-2%2036-3%2054-2%2019%200%2037%201%2056%204%208%201%2015%205%2022%209l10%2011%2024%203%2012%201%202-9%207-8c9-5%2019-7%2028-10l47-4Z%22%20fill%3D%22%23000000%22%2F%3E%3Cpath%20d%3D%22M707%20480c6%202%2013%208%2013%2015%201%204-3%208-7%208-6-1-9-7-12-11-2-2-4-2-4-5%200-5%206-8%2010-7ZM524%20487c8%201%2015%205%2020%2011%203%204%204%2010%202%2014s-7%206-12%204c-3-2-4-5-6-8-2-2-4-3-7-3l-12-5c-2-2-2-5%200-7%203-5%209-7%2015-6Z%22%20fill%3D%22%23fff%22%2F%3E%3Cpath%20d%3D%22M508%20220a271%20271%200%200%201%2097%2024c14%207%2029%2014%2042%2023%208%205%2016%2011%2022%2018l22%2025c-9%204-18%203-27%202-17-2-34-4-51-3l-8-1-7-5-12-8c0%204-1%207-3%2011-2%202-4%203-7%203-4-1-7-3-11-3a470%20470%200%200%200-155%203h-11l-18-6c1%209%204%2018%203%2026-1%204-1%208-3%2011-7%2014-15%2027-21%2042-7%2017-13%2035-17%2053%200%202-1%204-3%205l-12%202c5%209%206%2020%205%2030-1%2012-3%2026-9%2036%207%209%2010%2021%2010%2033%201%2019%200%2037-7%2055-2%204-5%209-10%2011-1%201-4%201-4-1-2-4-2-9-3-13-2-15-9-29-20-40-8-7-17-14-26-19-6-2-11-4-16-8l-6-8c-12-32-16-67-12-101a285%20285%200%200%201%2037-113c10-16%2022-30%2035-43%2010-9%2020-17%2031-23l14-5%2032-11%2019-2h43c23%200%2044-2%2067%200Z%22%20fill%3D%22%23000000%22%2F%3E%3C%2Fg%3E%3Cg%20transform%3D%22translate(10%20-60)%22%3E%3C%2Fg%3E%3C%2Fg%3E%3C%2Fsvg%3E){kind=small}
RAPTOR — Framework Architecture
Command Reference
| Command | Purpose |
|---|---|
/raptor |
Main security assistant — general queries |
/scan |
Static analysis with Semgrep/CodeQL + LLM validation |
/fuzz |
Binary fuzzing with AFL++ and crash analysis |
/agentic |
Full autonomous security workflow |
/exploit |
Proof-of-concept exploit generation |
/patch |
Automated security patch development |
/understand |
Adversarial code analysis |
/oss-forensics |
Evidence-backed GitHub repository investigations |
Tiered Architecture
RAPTOR uses a sophisticated loading system to manage context:
Bootstrap (Always Loaded):
CLAUDE.md— Core instructions and security mindset
Tier 1 (Auto-Loaded Contextually):
- Adversarial thinking frameworks
- Recovery strategies for failed analyses
- Security-first reasoning patterns
Tier 2 (Loaded on Request): Nine expert security personas modeled after renowned researchers:
- Mark Dowd (vulnerability analysis)
- Binary exploitation specialists
- Web application security experts
- Cryptography advisors
- And more...
Agents:
- Offensive security specialist with autonomous capabilities
- SecOpsAgentKit integration for penetration testing
Core Capabilities
Static Analysis (/scan)
- Runs Semgrep and CodeQL scans
- LLM-powered validation to reduce false positives
- Prioritizes findings:
Impact × Exploitability / Detection Time
Binary Fuzzing (/fuzz)
- AFL++ fuzzing with intelligent seed generation
- Automated crash analysis and triage
- Reproducible test case generation
Vulnerability Analysis
- Advanced reasoning to identify exploitable patterns
- Cross-reference with known vulnerability databases
- Severity scoring and prioritization
Exploit Generation (/exploit)
- Proof-of-concept code for confirmed vulnerabilities
- Responsible disclosure formatting
- Impact demonstration
Patch Development (/patch)
- Automated security fix generation
- Regression test creation
- Code review-ready patches
Security Note
RAPTOR is designed for authorized security testing, defensive security research, and educational purposes. Always ensure you have proper authorization before testing systems.
FAQ
Q: What is RAPTOR? A: An autonomous security research framework for Claude Code that performs static analysis, fuzzing, vulnerability discovery, exploit generation, and patch development using AI-powered analysis.
Q: Is RAPTOR free? A: Yes, MIT license. Some underlying tools (Semgrep, CodeQL) have their own licensing terms.
Q: Who created RAPTOR? A: Security researchers Gadi Evron, Daniel Cuthbert, Thomas Dullien (Halvar Flake), Michael Bargury, and John Cartwright.