Overview

RAPTOR requires several external tools for its security testing capabilities. This page lists all dependencies, their licenses, installation instructions, and important usage restrictions.
Important: RAPTOR does not bundle external tools. Users must install them separately according to each tool’s license terms. Because the tools are not bundled, RAPTOR may auto-download them as needed.

What RAPTOR Includes

Bundled with RAPTOR:
  • Custom Semgrep rules (engine/semgrep/rules/) - Written by RAPTOR authors, MIT licensed
  • CodeQL query suites (engine/codeql/suites/) - Configuration files, MIT licensed
  • Python code (all packages/, core/) - Written by RAPTOR authors, MIT licensed
No external binaries or libraries are bundled with RAPTOR.

Required Tools

Semgrep (Static Analysis Scanner)

pip install semgrep
  • License: LGPL 2.1
  • Source: https://github.com/semgrep/semgrep
  • Usage: RAPTOR calls semgrep command-line tool for pattern-based static analysis
  • Note: User installs separately, not bundled with RAPTOR
Review Semgrep’s LGPL 2.1 license for your specific use case, especially for commercial applications.

Python Packages

Install from requirements.txt:
pip install -r requirements.txt
Included packages:
  • requests (Apache 2.0) - HTTP client
  • anthropic (MIT) - Anthropic API client
  • tabulate (MIT) - Table formatting
  • Additional packages listed in requirements.txt

Optional Tools

These tools are required only for specific RAPTOR features.

AFL++ (Binary Fuzzer)

brew install afl++

CodeQL (Static Analysis Engine)

# Download from GitHub releases
curl -L "https://github.com/github/codeql-cli-binaries/releases/download/v2.15.5/codeql-linux64.zip" -o codeql.zip
unzip codeql.zip -d /opt
export PATH="/opt/codeql:$PATH"
  • License: GitHub CodeQL Terms (free for security research)
  • Source: https://github.com/github/codeql
  • Usage: RAPTOR calls codeql command for deep semantic analysis
  • Required for: /codeql and /agentic commands with CodeQL enabled
Commercial Use Restriction: CodeQL does not allow commercial use. Review GitHub’s CodeQL Terms before using in commercial environments.

Ollama (Local/Remote Model Server)

# Download from https://ollama.ai
curl -fsSL https://ollama.ai/install.sh | sh
  • License: MIT
  • Source: https://github.com/ollama/ollama
  • Default: http://localhost:11434
  • Usage: RAPTOR connects to Ollama server for local model inference
  • Required for: Local LLM analysis (alternative to cloud providers)

rr (Record-Replay Debugger)

apt install rr
  • License: MIT
  • Source: https://github.com/rr-debugger/rr
  • Platform: Linux only (x86_64)
  • Usage: RAPTOR uses for deterministic debugging in /crash-analysis command
  • Required for: Crash analysis workflows
rr requires kernel configuration: echo 1 | sudo tee /proc/sys/kernel/perf_event_paranoid

gcov (Code Coverage Tool)

  • License: GPL (part of GCC)
  • Source: https://gcc.gnu.org/onlinedocs/gcc/Gcov.html
  • Installation: Bundled with gcc (no separate install needed)
  • Usage: RAPTOR uses for code coverage analysis in /crash-analysis command
  • Note: Automatically available with gcc installation

AddressSanitizer (Memory Error Detector)

  • License: Apache 2.0
  • Source: https://github.com/google/sanitizers
  • Installation: Built into gcc >= 4.8 and clang >= 3.1
  • Usage: Compile with -fsanitize=address flag
  • Note: RAPTOR detects ASAN builds for enhanced crash diagnostics

Google Cloud BigQuery (OSS Forensics)

# Set credentials environment variable
export GOOGLE_APPLICATION_CREDENTIALS="/path/to/credentials.json"
  • License: Google Cloud Terms of Service
  • Source: https://cloud.google.com/bigquery
  • Usage: RAPTOR uses for GitHub Archive queries in /oss-forensics command
  • Required for: OSS forensics investigations only
  • Documentation: See .claude/skills/oss-forensics/github-archive/SKILL.md

System Tools

These tools are pre-installed on most systems.

LLDB (Debugger)

  • Platform: macOS (pre-installed with Xcode Command Line Tools)
  • License: Apache 2.0 (part of LLVM)
  • Usage: RAPTOR uses for crash analysis on macOS

GDB (Debugger)

  • Platform: Most Linux distributions (pre-installed)
  • License: GPL v3
  • Usage: RAPTOR uses for crash analysis on Linux
  • macOS Installation: brew install gdb (if needed)

Standard Unix Tools

Tools: nm, addr2line, objdump, file, strings (GNU Binutils)
  • Platform: macOS and most Linux distributions (pre-installed)
  • License: GPL v3
  • Usage: RAPTOR uses for binary analysis

License Summary

RAPTOR License

License: MIT
Copyright: Gadi Evron and Daniel Cuthbert
See LICENSE file in repository

External Tool Licenses

Tool                         | License      | Commercial Use | Notes
Semgrep                      | LGPL 2.1     | Review terms   | User installs
AFL++                        | Apache 2.0   | ✅ Allowed     | User installs
CodeQL                       | GitHub Terms | ❌ Restricted  | Security research only
Python packages              | Various OSS  | ✅ Allowed     | Managed by pip
System tools (GDB, binutils) | GPL v3       | ⚠️ Note below  | Command-line use
GPL Tools: GDB and binutils are used as command-line tools, not linked libraries. However, review GPL v3 terms for your specific use case.

Compliance Notes

  • CodeQL: Does not allow commercial use. Free for security research and open source only.
  • Semgrep: Review LGPL 2.1 license terms for commercial applications.
  • GPL Tools: Used as command-line tools (not linked libraries), but review GPL v3 for your use case.
The RAPTOR devcontainer bundles all tools for convenience. When using the devcontainer:
  • You still must comply with each tool’s license terms
  • Tools are installed from official sources during container build
  • No license terms are changed by bundling
Without using the devcontainer, RAPTOR may automatically download and install tools as needed. This happens when:
  • A command requires a tool that isn’t installed
  • RAPTOR detects missing dependencies
Recommendation: Pre-install required tools or use the devcontainer to control installations.
Disclaimer: You should review all respective tool licenses on your own. The information above is informational only and does not constitute legal advice.

DevContainer Advantage

The RAPTOR devcontainer includes all tools pre-installed:
  • No manual installation required
  • Consistent environment across platforms
  • All dependencies pre-configured
  • Version compatibility guaranteed
See DevContainer Setup for details.

Installation Verification

# Check Semgrep
semgrep --version

# Check CodeQL
codeql version

# Check AFL++
afl-fuzz -h

# Check Python packages
python3 -c "import anthropic, requests, tabulate; print('All packages installed')"

# Check debuggers
gdb --version
lldb --version

# Check rr (Linux only)
rr --version
If all commands succeed, you have all required tools installed.
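
The recommendation to pre-install tools can be enforced with a preflight check that runs before RAPTOR, so that nothing is downloaded implicitly. This is an added example, not RAPTOR's own code: the function names, the --check flag and the split into required and other tools are assumptions made here, while the tool names and the perf_event_paranoid value come from this page.

```shell
#!/bin/sh
# Added example (not RAPTOR code): preflight check for the tools named on this page.
# Function names, the --check flag and the required/other split are assumptions.

REQUIRED_TOOLS="semgrep python3"
# Optional and system tools; which ones matter depends on the platform and commands used.
OTHER_TOOLS="codeql afl-fuzz rr gdb lldb gcov nm addr2line objdump file strings"

# Print each argument that is not an executable on PATH, one per line.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Succeed when a perf_event_paranoid value is 1 (the value this page sets) or lower.
# Returns 2 for a non-numeric value, e.g. when the file could not be read.
rr_paranoid_ok() {
    case "$1" in
        ''|*[!0-9-]*) return 2 ;;
    esac
    [ "$1" -le 1 ]
}

# Report missing tools on stderr; fail only when a required tool is absent.
preflight() {
    status=0
    missing=$(missing_tools $REQUIRED_TOOLS)
    if [ -n "$missing" ]; then
        echo "required, not installed:" $missing >&2
        status=1
    fi
    missing=$(missing_tools $OTHER_TOOLS)
    if [ -n "$missing" ]; then
        echo "optional/system, not installed:" $missing >&2
    fi
    knob=/proc/sys/kernel/perf_event_paranoid
    if command -v rr >/dev/null 2>&1 && [ -r "$knob" ]; then
        rr_paranoid_ok "$(cat "$knob")" ||
            echo "rr installed, but $knob is not 1 or lower" >&2
    fi
    return "$status"
}

# Run the check only when asked, so the file can also be sourced.
case "${1:-}" in
    --check) preflight; exit $? ;;
esac
```

Run it with --check in CI or a wrapper script and stop when it exits non-zero, before any RAPTOR command is invoked.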
