Skip to main content

Autonomous Security Research Framework

RAPTOR transforms Claude Code into an AI security agent that autonomously scans code, fuzzes binaries, generates exploits, and creates patches—combining traditional security tools with advanced LLM reasoning.

Get startedView architecture

Get started in minutes

RAPTOR works with Claude Code for interactive security testing or standalone Python scripts for automation

1

Install dependencies

Clone the repository and install RAPTOR dependencies:
git clone https://github.com/gadievron/raptor.git
cd raptor
pip install -r requirements.txt
Install security tools (Semgrep, CodeQL, AFL++). Or use the pre-configured devcontainer with all tools included.
2

Configure your API key

Set your LLM provider API key for autonomous analysis:
export ANTHROPIC_API_KEY="your-key-here"
# OR
export OPENAI_API_KEY="your-key-here"
RAPTOR supports Anthropic Claude, OpenAI GPT, Google Gemini, and local models via Ollama
3

Run your first scan

Launch an autonomous security scan with exploit generation:
python3 raptor.py agentic --repo /path/to/code
Or use Claude Code for interactive analysis:
claude
# Then type: /scan

[*] Starting full autonomous workflow (Semgrep + CodeQL)...
[*] Found 15 vulnerabilities
[*] Analyzing with LLM...
[*] Generating exploits for 5 critical findings...
[*] Creating patches for all vulnerabilities...

Results saved to: out/scan_myapp_1234567890/

Complete security testing toolkit

From static analysis to exploit generation, RAPTOR handles the full security research lifecycle

Static code analysis

Scan source code with Semgrep and CodeQL for vulnerabilities, with automatic dataflow validation

Binary fuzzing

Fuzz binaries with AFL++, collect crashes, and generate working exploits with GDB analysis

Exploit generation

Automatically generate compilable exploit PoCs in C with frontier LLM models

Patch creation

Create secure patches with LLM-powered code fixes and validation

Multi-agent orchestration

17 specialized agents for crash analysis, OSS forensics, and exploitability validation

Expert personas

Load 9 expert personas on-demand for specialized security analysis tasks

Choose your workflow

Interactive Claude Code integration or Python CLI for automation

💬
Claude Code

Interactive security testing

Conversational interface with slash commands, progressive expertise loading, and real-time analysis

Learn more
🐍
Python CLI

Automated security workflows

Scriptable interface for CI/CD integration, batch processing, and automated security testing

Learn more

Available commands

Comprehensive security testing capabilities at your fingertips

/scan
Static analysis with Semgrep + CodeQL
/fuzz
Binary fuzzing with AFL++
/agentic
Full autonomous workflow
/exploit
Generate exploit PoCs
/patch
Create security patches
/validate
Exploitability validation
View all commands →

Modular architecture

RAPTOR’s layered design separates concerns cleanly: 9 independent security packages, a shared core layer, and progressive expertise loading for optimal context management.

  • 9 security packages with no cross-dependencies
  • 17 specialized agents for autonomous workflows
  • Tiered expertise system with 9 expert personas
  • Provider-agnostic LLM abstraction layer
Explore the architecture

Resources and community

Everything you need to get the most out of RAPTOR

Dependencies

External tools and license information

DevContainer

Pre-configured development environment

Contributing

How to contribute to RAPTOR

Ready to start hunting vulnerabilities?

Get started with RAPTOR in under 5 minutes. Clone the repo, configure your API key, and run your first autonomous security scan.

Get started now