# RAPTOR — Security Research Agent for Claude Code

> Autonomous offensive and defensive security framework built on Claude Code. Performs static analysis, binary fuzzing, vulnerability discovery, exploit generation, and patch development. MIT.

## Install

Save the content below to `.claude/skills/` or append to your `CLAUDE.md`:

## Quick Use

1. Install Claude Code from claude.ai/download
2. Clone and enter the project:
   ```bash
   git clone https://github.com/gadievron/raptor.git
   cd raptor
   ```
3. Launch Claude Code:
   ```bash
   claude
   ```
   Claude will auto-install dependencies and configure the security toolkit.

**Alternative (DevContainer with all tools pre-installed):**
```bash
docker build -f .devcontainer/Dockerfile -t raptor-devcontainer:latest .
docker run -it raptor-devcontainer:latest
```

---

## Intro

RAPTOR is an autonomous security research framework built on Claude Code that combines traditional security tools (Semgrep, CodeQL, AFL++) with AI-powered analysis. With 1,800+ GitHub stars and MIT license, it turns Claude Code into a security research agent capable of static analysis, binary fuzzing, vulnerability discovery, exploit proof-of-concept generation, and automated patch development. Created by security researchers Gadi Evron, Daniel Cuthbert, Thomas Dullien (Halvar Flake), and others, RAPTOR uses a tiered skill system with 9 expert security personas.

Best for: security researchers, penetration testers, and developers who want AI-assisted vulnerability analysis.
Works with: Claude Code, Semgrep, CodeQL, AFL++, Playwright.
Setup time: under 5 minutes (or instant with DevContainer).

---

## RAPTOR — Framework Architecture

### Command Reference

| Command | Purpose |
|---------|---------|
| `/raptor` | Main security assistant — general queries |
| `/scan` | Static analysis with Semgrep/CodeQL + LLM validation |
| `/fuzz` | Binary fuzzing with AFL++ and crash analysis |
| `/agentic` | Full autonomous security workflow |
| `/exploit` | Proof-of-concept exploit generation |
| `/patch` | Automated security patch development |
| `/understand` | Adversarial code analysis |
| `/oss-forensics` | Evidence-backed GitHub repository investigations |

### Tiered Architecture

RAPTOR uses a sophisticated loading system to manage context:

**Bootstrap (Always Loaded):**
- `CLAUDE.md` — Core instructions and security mindset

**Tier 1 (Auto-Loaded Contextually):**
- Adversarial thinking frameworks
- Recovery strategies for failed analyses
- Security-first reasoning patterns

**Tier 2 (Loaded on Request):**
Nine expert security personas modeled after renowned researchers:
- Mark Dowd (vulnerability analysis)
- Binary exploitation specialists
- Web application security experts
- Cryptography advisors
- And more...

**Agents:**
- Offensive security specialist with autonomous capabilities
- SecOpsAgentKit integration for penetration testing

### Core Capabilities

#### Static Analysis (`/scan`)
- Runs Semgrep and CodeQL scans
- LLM-powered validation to reduce false positives
- Prioritizes findings: `Impact × Exploitability / Detection Time`

#### Binary Fuzzing (`/fuzz`)
- AFL++ fuzzing with intelligent seed generation
- Automated crash analysis and triage
- Reproducible test case generation

#### Vulnerability Analysis
- Advanced reasoning to identify exploitable patterns
- Cross-reference with known vulnerability databases
- Severity scoring and prioritization

#### Exploit Generation (`/exploit`)
- Proof-of-concept code for confirmed vulnerabilities
- Responsible disclosure formatting
- Impact demonstration

#### Patch Development (`/patch`)
- Automated security fix generation
- Regression test creation
- Code review-ready patches

### Security Note

RAPTOR is designed for authorized security testing, defensive security research, and educational purposes. Always ensure you have proper authorization before testing systems.

### FAQ

**Q: What is RAPTOR?**
A: An autonomous security research framework for Claude Code that performs static analysis, fuzzing, vulnerability discovery, exploit generation, and patch development using AI-powered analysis.

**Q: Is RAPTOR free?**
A: Yes, MIT license. Some underlying tools (Semgrep, CodeQL) have their own licensing terms.

**Q: Who created RAPTOR?**
A: Security researchers Gadi Evron, Daniel Cuthbert, Thomas Dullien (Halvar Flake), Michael Bargury, and John Cartwright.

---

## Source & Thanks

> Created by [Gadi Evron](https://github.com/gadievron) and team. Licensed under MIT.
>
> [raptor](https://github.com/gadievron/raptor) — ⭐ 1,800+

Thank you to the RAPTOR team for building an AI-powered security research framework on Claude Code.

---

<!-- ZH -->


## Quick Use

1. Install Claude Code
2. Clone and enter the project:
   ```bash
   git clone https://github.com/gadievron/raptor.git
   cd raptor && claude
   ```
   Claude will automatically install dependencies and configure security tooling.

---

## Intro

RAPTOR is an autonomous security research framework built on Claude Code that blends traditional security tools (Semgrep, CodeQL, AFL++) with AI analysis. It has 1,800+ GitHub stars and an MIT license, and handles static analysis, fuzzing, vulnerability discovery, PoC exploit generation, and automated patch development. Created by notable security researchers Gadi Evron, Thomas Dullien (Halvar Flake), and others, it uses a layered skill system and 9 security-expert personas.

Best for security researchers, penetration testers, and developers who need AI-assisted vulnerability analysis.
Compatible tools: Claude Code, Semgrep, CodeQL, AFL++.

---

## Command Reference

| Command | Purpose |
|---------|---------|
| `/raptor` | Main security assistant entry point |
| `/scan` | Static analysis |
| `/fuzz` | Binary fuzzing |
| `/exploit` | PoC exploit generation |
| `/patch` | Automated security patches |
| `/oss-forensics` | Open-source repo investigation |

### FAQ

**Q: What is RAPTOR?**
A: A Claude Code-based security research framework that combines static analysis, fuzzing, vulnerability discovery, and patch generation.

**Q: Is it free?**
A: MIT open source and free.

---

## Source & Thanks

> Created by [Gadi Evron](https://github.com/gadievron) and team. Licensed under MIT.
>
> [raptor](https://github.com/gadievron/raptor) — ⭐ 1,800+


---
Source: https://tokrepo.com/en/workflows/raptor-security-research-agent-claude-code-938e0073
Author: Skill Factory