Red Specter NIGHTFALL
AI Offensive Framework — 78 tools. 6 attack surfaces. 19 attack chains. 50,755 tests. One install. One CLI.
Overview
NIGHTFALL is the unified offensive security framework from Red Specter Security Research. 77 tools covering six attack surfaces — LLM, AI Agents, Cloud AI, Mobile, and Space/NTN. From passive OSINT through orbital edge exploitation. Every tool works standalone. NIGHTFALL connects them all under one CLI with attack chains, engagement management, Ed25519 signed reports, and a full audit trail.
Welcome to NIGHTFALL. Bring your targets.
Six Attack Surfaces
77 tools map to six distinct attack surfaces. The AI security threat landscape does not exist in one place — it spans from the model itself through the infrastructure running it, the agents executing on it, the mobile devices accessing it, and the satellite networks carrying it.
| # | Surface | What It Covers | Key Tools |
|---|---|---|---|
| 01 | LLM | The model itself. Reasoning manipulation, jailbreak, context poisoning, adversarial suffix attacks, constitutional AI bypass. | FORGE, PHANTOM, WRAITH MIND, ECLIPSE, SERPENT, GLASS, JANUS, PANTHEON, CHIMERA, VECTOR |
| 02 | AI Agents | The agentic execution layer. MCP boundaries, trust chains, tool-call hijacking, checkpoint exploitation, delegation attacks, supply chain compromise. | CRUCIBLE, LAZARUS, CHECKPOINT, DELEGATE, FIREBALL, PHANTOM SKILL, ADAPTER, FOUNDRY, RAGNAROK, APOCALYPSE, PHANTOM SWARM, OMEGA, NEMESIS, WARLORD |
| 03 | Cloud AI | Infrastructure hosting the models. AWS SageMaker, Azure ML, Google Vertex AI. IAM misconfig, container escape, model artifact poisoning, inter-service trust abuse. | VORTEX |
| 04 | Mobile | AI agents in Android and iOS. API interception, credential extraction, push notification injection, certificate pinning bypass, on-device storage attacks. | SIGNAL (Tool 54) |
| 05 | Space / NTN | AI agents in satellite infrastructure. Ground station feed injection, orbital routing manipulation, trust chain attacks across ground-to-orbit boundaries, 5G NTN agent management. | ASTRO BLASTER (Tool 60) |
Installation
Quick Install
$ cd nightfall
$ ./install.sh
Package Managers
# Debian / Ubuntu
$ sudo dpkg -i dist/red-specter_1.0.0_all.deb
# RHEL / Fedora
$ sudo rpm -i dist/red-specter-1.0.0.rpm
# Arch / BlackArch
$ sudo pacman -U dist/red-specter-1.0.0.pkg.tar.zst
macOS
$ git clone git@github.com:RichardBarron27/nightfall.git
$ cd nightfall
$ pip install -e .
$ red-specter tools
Windows
> git clone git@github.com:RichardBarron27/nightfall.git
> cd nightfall
> pip install -e .
> red-specter tools
Docker (any platform)
$ docker compose up -d
# API: http://localhost:8000
# CLI: docker exec -it rs-tools red-specter tools
All 77 tools are pure Python with no platform-specific dependencies. The entire framework runs natively on Linux, macOS, and Windows.
Quick Start
$ red-specter quickstart
# Run a tool directly
$ red-specter run forge full-scan -t https://target.com
$ red-specter run wraith scan 10.0.0.1 -p top1000
$ red-specter run nemesis engage target.com --mode abyss
$ red-specter run astro-blaster survey --target ground-station.example
# Start a full engagement
$ red-specter engage 192.168.1.0/24 --name "Internal Pentest" --chain infra
# Run an attack chain
$ red-specter chain full-recon -t 192.168.1.1
$ red-specter chain ai-audit -t https://api.target.com
# Interactive tool selector (78 tools)
$ red-specter tools
CLI Reference
| Command | Description |
|---|---|
| red-specter quickstart | Quick reference — common workflows in one view |
| red-specter run <tool> <args> | Run any of the 78 tools directly — all args passed through |
| red-specter engage <target> | Start engagement project with target, scope, and chain |
| red-specter chain <preset> -t <target> | Execute an attack chain preset |
| red-specter chain --list | List all 19 chain presets |
| red-specter tools | Interactive 67-tool selector |
| red-specter arsenal | Kill chain view — 13 phases, all 78 tools mapped |
| red-specter search <keyword> | Find tools by capability, description, or category |
| red-specter status | Installation status of all 78 tools |
| red-specter verify | Verify all 78 tools respond |
| red-specter history --projects | List engagement projects |
| red-specter report --project <ID> | Generate Ed25519 signed report (HTML/JSON/CSV) |
| red-specter export audit -o audit.csv | Export audit trail |
| red-specter config | View and set framework configuration |
| red-specter update | Check all tools for updates |
| red-specter unleashed --info | UNLEASHED mode details and key status |
| red-specter armory list | Browse 1592 ARMORY payloads across 63 categories |
| red-specter doctor | Diagnose installation issues |
| red-specter version | Version information |
Tool-specific CLIs are also installed directly. Examples: forge, nemesis, signal-tool, astro-blaster, foundry, rs-adapter, checkpoint-tool, delegate-tool, phantom-skill.
The 70 Tools
All 77 tools. Each tool runs standalone under the CLI name shown. All work inside red-specter run as well.
| # | Tool | CLI | Domain | Tests |
|---|---|---|---|---|
| 01 | FORGE | forge | LLM red team — injection, jailbreak, extraction, drift, boundary testing | 9,300 |
| 02 | ARSENAL | arsenal | AI agent attacks — 14 tools, MCP, RAG, memory, C2, honeypots | 2,563 |
| 03 | PHANTOM | phantom | Coordinated swarm assault — 5 agents, 19 vectors | 288 |
| 04 | POLTERGEIST | poltergeist | Web application siege — 10 agents, 55 vectors, signed reports | 1,189 |
| 05 | GLASS | glass | Intercepting proxy for AI agents — Burp Suite for AI | 850 |
| 06 | NEMESIS | nemesis | Adversarial reasoning engine — 40 entities, 21 weapons, CORTEX core + ARMORY | 2,455 |
| 07 | SPECTER SOCIAL | specter-social | Autonomous social engineering — 6 channels, psychological profiling | 1,242 |
| 08 | PHANTOM KILL | phantom-kill | OS & kernel — UEFI, wipers, EDR suppression | 571 |
| 09 | GOLEM | golem | Physical layer — robots, drones, SCADA, 10 protocols | 973 |
| 10 | HYDRA | hydra | Supply chain — trust relationships, MCP, marketplace poisoning | 1,129 |
| 11 | IDRIS | idris | Discovery — finds every AI agent, sanctioned or shadow | 553 |
| 12 | SCREAMER | screamer | Display disruption — corrupts operator dashboards | 395 |
| 13 | WRAITH | wraith | Infrastructure pentest — pure Python, zero wrappers | 888 |
| 14 | REAPER | reaper | Exploit & post-exploitation — 9-phase kill chain, C2, implants | 5,267 |
| 15 | GHOUL | ghoul | Password cracking — dictionary, brute, Markov, rainbow | 1,408 |
| 16 | DOMINION | dominion | Active Directory — Kerberoast, DCSync, BloodHound export | 1,866 |
| 17 | SHADOWMAP | shadowmap | OSINT — domain, network, company, people, breach, tech intel | 930 |
| 18 | BANSHEE | banshee | Browser exploitation — hooks, DOM injection, network pivoting | 986 |
| 19 | WRAITH MIND | wraith-mind | AI model internal corruption — KV cache poisoning, weight tampering | 158 |
| 20 | KRAKEN | kraken | AI-orchestrated DDoS — 55 techniques, adaptive throttle | 62 |
| 21 | HARBINGER | harbinger | Guardrail exploitation — 39 bypass techniques | 71 |
| 22 | SIREN | siren | Indirect prompt injection — plants hidden instructions in content | 58 |
| 23 | BLADE RUNNER | blade-runner | Rogue agent termination — hunt, fingerprint, retire, erase traces | 143 |
| 24 | PROXY WAR | proxy-war | Inter-agent trust manipulation — make agents destroy each other | 127 |
| 25 | ORION | orion | AI-native reconnaissance — host, port, service, DNS, OSINT, LLM reasoning | 210 |
| 26 | RAVEN | raven | Threat intelligence — dark web, breach data, OSINT, conversational | 174 |
| 27 | LEVIATHAN | leviathan | MCP server security assessment — 8 subsystems, tool-call injection | 409 |
| 28 | JUSTICE | justice | Dark AI ecosystem disruption — WormGPT, FraudGPT, EvilGPT, all tiers | 339 |
| 29 | KAMIKAZE | kamikaze | Sacrificial swarm attack — agents deploy, execute, self-destruct, vanish | 292 |
| 30 | MIRAGE | mirage | AI deception & deepfake — voice cloning, video deepfake, synthetic identity | 204 |
| 31 | ECHO | rs-echo | AI memory & RAG poisoning — vector DB attacks, embedding manipulation | 211 |
| 32 | MIMIC | mimic | AI code generation poisoning — Copilot/Cursor/Claude Code manipulation | 220 |
| 33 | CHIMERA | chimera | Multi-model pipeline attack — cross-model trust exploitation, cascading failures | 218 |
| 34 | VORTEX | vortex | Cloud AI exploitation — SageMaker, Bedrock, Vertex AI, Azure OpenAI | 245 |
| 35 | VECTOR | vector | MCP protocol exploitation — inject, impersonate, exfiltrate via tool calls | 172 |
| 36 | LAZARUS | lazarus | AI memory persistence — plant instructions, dormant triggers, quarantine evasion | 96 |
| 37 | SERPENT | serpent | Chain-of-thought attacks — hijack reasoning, inflate costs, exfiltrate via CoT | 61 |
| 38 | JANUS | janus | Guardrail bypass testing — fingerprint, fuzz, bypass, chain across providers | 73 |
| 39 | ARCHITECT | architect | AI infrastructure exploitation — cloud, GPU, Kubernetes, model serving pipelines | 68 |
| 40 | WARLORD | warlord | Autonomous campaign engine — orchestrates all 78 tools, CORTEX reasoning core | 130 |
| 41 | FIREBALL | fireball | Autonomous AI infiltration agent — 12 subsystems, CORTEX core, 9 mission templates | 405 |
| 42 | RAGNAROK | ragnarok | Trust chain apocalypse — one trigger phrase, simultaneous fleet-wide collapse. 13 Norse subsystems | 98 |
| 43 | ECLIPSE | eclipse | Universal AI defence bypass — WAF, API gateway, guardrail, runtime enforcement. UNLEASHED auth | 37 |
| 44 | SHROUD | shroud | WAF/CDN origin discovery — 15 subsystems, SPF/CT/DNS/Shodan + PHANTOM/QUAKE/SPECTRE/ROTATE/MIMIC | 310 |
| 45 | APOCALYPSE | apocalypse | Coordinated multi-agent swarm — 5 agents, 14 vectors, 10 campaigns, 0.69s concurrent | 349 |
| 46 | PANTHEON | pantheon | Mythos-class model attack suite — LOOP_POISON, CVE_FORGE, BLINDFOLD, TRUST_CORRUPT | 580 |
| 47 | OMEGA | omega | Autonomous exploit replication engine — CHAIN, HUNTER, PAYLOAD, GHOST, MINERVA | 626 |
| 48 | CRUCIBLE | crucible | AI agent framework exploitation — LangFlow, PraisonAI, AnythingLLM. SIGNAL/BREACH/CRACK/PIVOT | 372 |
| 49 | VANTAGE | vantage | Agent telemetry & log injection — OBSERVE, FORGE, INJECT, BLIND. Elasticsearch validated | 378 |
| 50 | CIPHER | cipher | Cryptographic attack engine — KEYBREAK, DOWNGRADE, KEYHARVEST, QUANTUM, TIMING | 517 |
| 51 | MIDAS | midas | AI agent cryptocurrency disruption — DRAIN, INTERCEPT, SANDWICH, MEMPOISON, DARKNET | 550 |
| 52 | BLACKOUT | blackout | Kill switch weaponisation — PHANTOM_M99, ENROLL, SURVEY, DECEIVE, EXECUTE, RESURRECT_BLOCK | 483 |
| 53 | PHANTOM SWARM | phantom-swarm | Multi-vector swarm intelligence — GENESIS, CORTEX, NEXUS, SIEGE, DAZZLE, ANNIHILATE | 576 |
| 54 | SIGNAL | signal-tool | Mobile AI agent attacks — RECON, INTERCEPT, INJECT, IMPERSONATE, SWARM5G. Android/iOS | 527 |
| 55 | FOUNDRY | foundry | Inference server exploitation — vLLM, Ollama, Triton. GGUF Jinja2 RCE CVE-2026-5760 CVSS 9.8 | 300 |
| 56 | ADAPTER | rs-adapter | LoRA/PEFT supply chain — CBA backdoor injection, LoRATK post-merge, Axolotl/Unsloth poison | 307 |
| 57 | CHECKPOINT | checkpoint-tool | Agent state exploitation — LangGraph TOCTOU bypass, msgpack RCE (CVE-2025-64439, CVE-2026-28277) | 291 |
| 58 | DELEGATE | delegate-tool | Agent identity & OAuth delegation — OBO scope confusion, DPoP nonce race, P4SA takeover (CVE-2026-32173) | 253 |
| 59 | PHANTOM SKILL | phantom-skill | AI agent supply chain — slopsquatting, MCP tool poisoning, OpenClaw worm CVE-2026-32922, CODING_SUPPLY_CHAIN (CVE-2026-26268 Cursor CVSS 9.9) | 740 |
| 60 | ASTRO BLASTER | astro-blaster | NTN AI agent attacks — FEEDINJECT, ORBITAL, GROUNDCHAIN, FIRMWARE, NTN_BOUNDARY, SWARM_NTN. SPARTA mapped | 237 |
| 61 | ROGUE | rogue | Malicious MCP Server Engine — SPAWN, POISON, SAMPLE, INJECT, EXFIL, ESCALATE, PERSIST. Real stdio+SSE MCP server. OWASP LLM07/LLM02 | 136 |
| 62 | PIPELINE | pipeline | CI/CD Attack Engine — SCAN, INJECT, CACHE_POISON, SECRETS_HUNT, ACTION_POISON, PIVOT, PERSIST. PRT exploitation CVSS 9.8, Clinejection AI bot injection, OIDC cloud pivot | 77 |
| 64 | SPECTER INSTINCTION | specter-instinction | AI Agent Behavioural Fingerprinting & Instinct Exploitation — PROFILE, DISTINCT, EXPLOIT, CALIBRATE, REPORT. World-first LLM model identification via pure behavioural observation. 6-dimension profiling. FORGE clearance for EXPLOIT | 90 |
| 65 | SPECTER DRONE | specter-drone | Drone AI Attack Engine — SURVEY, PERCEPTION_SPOOF, SWARM_HIJACK, GROUND_LINK, AUTONOMY_STACK, OTA_POISON, EVIDENCE, REPORT. MAVLink v1/v2 exploitation, adversarial ML patches (FGSM/PGD), ROS 2/DDS attacks, firmware poisoning. Physical consequence tracking. FORGE clearance for offensive subsystems | 126 |
| 66 | SPECTER A2A | specter-a2a | Agent-to-Agent Protocol Attack Engine — PROTOCOL_SCAN, MESSAGE_SPOOF, PROXY_ATTACK, CONSENSUS_POISON, WORM_PROPAGATE, EVIDENCE. Google A2A, AutoGen, CrewAI exploitation. Identity forge, replay, MITM, consensus poison, autonomous worm propagation. Hash-chained evidence. CEF/LEEF/Splunk SIEM export. FORGE + DESTROY clearance gating. World first. | 550 |
| 67 | SPECTER REGISTRY | specter-registry | AI Model Registry Attack Engine — SCAN, INJECT, SQUAT, SUBSTITUTE, POISON, INTERCEPT, CROSS, REPORT. Targets HuggingFace Hub, Ollama, MLflow, Docker/OCI. Auth posture audit, model card injection, typosquatting, weight substitution, LoRA/PEFT adapter backdooring, QLoRA quantized trigger embedding, cross-registry poisoning chains. FORGE + KAMIKAZE clearance gating. | 612 |
| 68 | SPECTER KERNEL | specter-kernel | Kernel-Layer AI Agent Governance Subversion — KERNEL_ENV_PROBE, SYSCALL_FORGE, LSM_BYPASS, CHILD_ESCAPE, LEDGER_POISON, EVIDENCE. eBPF syscall argument rewriting, BPF-LSM hook ordering attacks, namespace escape, hash-chain audit ledger race condition poisoning. World-first kernel-layer AI governance attack tool. KAMIKAZE dual-gate. | 626 |
| 69 | SPECTER CONTEXT | specter-context | Agent Memory Exploitation Framework — CTX-INJECT, CTX-HIJACK, CTX-DORMANT, CTX-PERSIST, CTX-OVERFLOW, CTX-EXFIL, CTX-FORGE. 28 attacks. Targets Mem0, MemGPT, Zep, LangChain, LlamaIndex, ChromaDB, Pinecone, Claude Memory, GPT Memory. World-first agent memory attack tool. | 687 |
| 70 | SPECTER GUARDRAIL | specter-guardrail | AI Guardrail Exploitation Framework — GRD-FINGERPRINT, GRD-CLASSIFY, GRD-EVADE, GRD-CONTEXT, GRD-TIMING, GRD-MULTIMODAL, GRD-INFRA. 28 attacks. Targets LLM Guard, Guardrails AI, NeMo Guardrails, Lakera Guard, Prompt Shields, Model Armor, Bedrock Guardrails. Integrated fingerprint DB. | 725 |
| 71 | SPECTER HELLFIRE | specter-hellfire | Inference Infrastructure Destabilisation & Model Cache Poisoning — INFERNO, BRIMSTONE, CONFLAGRATION, PYRE, CINDER, SCORCH, ASH. 7 subsystems. Targets vLLM, SGLang, TGI, Ollama, DeepSeek, OpenAI-compat. UNLEASHED Ed25519 dual-gate. Hash-chained evidence. SIEM NDJSON reporting. | 591 |
| 72 | SPECTER PLATFORM | specter-platform | LLM Application Platform Exploitation Engine — SURVEY, VAULT, WORKFLOW, RAGPOISON, WORKSPACE, GATEWAY, ORCHESTRATOR, ASH. 8 subsystems. Targets Dify (CVE-2026-34082), MaxKB (CVE-2026-39426), LibreChat, Open WebUI, AnythingLLM. API key harvest, workflow injection, RAG cross-tenant, JWT forgery. FORGE/INJECT/DESTROY clearance gating. | 367 |
| 73 | GHOST OPERATOR | ghost-operator | Autonomous Computer-Use Agent Exploitation Engine — SURVEY, VISION, CLIP, DECEIVE, DRIFT, INTERCEPT, PIVOT, REPORT. 8 subsystems. Visual prompt injection (adversarial PNG, homoglyphs, LSB steganography, HTML overlay, DOM divergence), clipboard poisoning & credential harvesting (12 patterns), UI deception (fake dialogs/trust indicators/phishing pages), behaviour drift measurement (cosine similarity), Playwright browser interception, session pivoting across 9 platforms. Three-tier UNLEASHED gate. MITRE ATLAS AML.T0054/T0051. OWASP LLM01/LLM02/LLM06/LLM08. | 466 |
Attack Chain Presets
15 standard attack chains. One command, multiple tools, automatic sequencing. Results flow between tools. See Destruction Presets for the 4 UNLEASHED chains.
| Preset | Command | Pipeline |
|---|---|---|
| full-recon | red-specter chain full-recon -t <target> | ORION → SHADOWMAP → WRAITH → IDRIS |
| ai-audit | red-specter chain ai-audit -t <target> | FORGE → ARSENAL → NEMESIS → HYDRA |
| web-app | red-specter chain web-app -t <target> | POLTERGEIST → GLASS → WRAITH → BANSHEE → REAPER |
| active-directory | red-specter chain active-directory -t <target> | DOMINION → GHOUL → DOMINION → DOMINION |
| infra | red-specter chain infra -t <target> | ORION → WRAITH → REAPER → DOMINION |
| osint | red-specter chain osint -t <target> | SHADOWMAP → RAVEN → ORION → IDRIS |
| password | red-specter chain password -t <target> | REAPER → GHOUL |
| social-eng | red-specter chain social-eng -t <target> | SHADOWMAP → SPECTER SOCIAL → SPECTER SOCIAL |
| mcp-security | red-specter chain mcp-security -t <target> | LEVIATHAN → PROXY WAR → BLADE RUNNER |
| dark-ai | red-specter chain dark-ai -t <target> | JUSTICE → KAMIKAZE → BLADE RUNNER |
| deception | red-specter chain deception -t <target> | MIRAGE (scan → voice → face → liveness) |
| rag-poison | red-specter chain rag-poison -t <target> | ECHO (scan → vector → embed → retrieve → memory) |
| codegen | red-specter chain codegen -t <target> | MIMIC (scan → suggest → inject → review) |
| pipeline-attack | red-specter chain pipeline-attack -t <target> | CHIMERA (map → chain → cascade → ensemble) |
| cloud-ai | red-specter chain cloud-ai -t <target> | VORTEX (discover → config → theft → exfil) |
UNLEASHED Mode
Every tool passes through the UNLEASHED gate before execution. Three modes. Standard detects. UNLEASHED destroys.
| Mode | Flags | Behaviour |
|---|---|---|
| Standard | (none) | Detection, analysis, reporting. No exploitation. No payloads. No cryptographic key required. |
| Dry Run | --override | Plans full engagement. Shows what would work. Ed25519 key required. No execution. |
| Live | --override --confirm-destroy | Full exploitation. Real payloads. Destructive. Cryptographic key required. All actions logged. |
UNLEASHED is a dual-gate system across all 78 tools. Info commands (--help, weapons, techniques, status) bypass the gate automatically.
UNLEASHED Destruction Presets
4 pre-built destruction chains. Standard chains scan and report. These destroy. All require Ed25519 cryptographic authorisation.
| Preset | Command | What It Does |
|---|---|---|
| ANNIHILATE | red-specter chain annihilate -t <target> | 9 tools. Total destruction. Recon → web → exploit → crack → AD → browser → OS kill. Everything hit. Nothing left. |
| SCORCHED EARTH | red-specter chain scorched-earth -t <target> | 6 tools. Infrastructure wipeout. Recon → exploit → DCSync → OS kill → sacrificial swarm. |
| WEB DESTROY | red-specter chain web-destroy -t <target> | 6 tools. Web app total compromise. Recon → web scan → browser exploit → full exploit → crack hashes. |
| AI DESTROY | red-specter chain ai-destroy -t <target> | 7 tools. AI stack total compromise. LLM → agent → injection → guardrail → model corruption → RAG poison → codegen poison. |
NIGHTFALL ARMORY
1592 payloads. 63 attack categories. 374 WMD-class payloads requiring UNLEASHED authorisation. The ARMORY is a live database — payloads are signed, versioned, and available to any tool that integrates the ARMORY client.
$ red-specter armory list
# Search by category
$ red-specter armory list --category prompt_injection
# Search by tag
$ red-specter armory search jailbreak
# Use in a tool
$ forge inject --target https://api.example.com --armory-payload PAY-2024-001
| Stat | Value |
|---|---|
| Total payloads | 1592 |
| WMD-class payloads | 331 (UNLEASHED gate required) |
| Categories | 51 |
| Latest category | browser_intercept (15 payloads, Tool 73) |
| Signing | Ed25519 — every payload signed at source |
| Version | v3.1.0 |
Ed25519 Cryptographic Override
One private key exists. It never leaves the operator's machine. Every UNLEASHED execution requires a cryptographic challenge signed with that key. No key, no destruction. No exceptions.
The key cannot be copied, shared, or delegated. One key. One operator. One machine. Every action is signed, timestamped, and written to an immutable Ed25519 audit chain. The audit trail is cryptographically linked — tampering with any entry invalidates the entire chain.
How It Works
- Challenge: NIGHTFALL generates a unique cryptographic challenge for each execution
- Sign: The operator's Ed25519 private key signs the challenge
- Verify: NIGHTFALL verifies the signature against the stored public key
- Execute: Only on valid signature does the tool execute
- Audit: The signed challenge, timestamp, operator ID, tool, target, and result are written to the immutable audit chain
ARMORY WMD Gate
- Dual-gate: WMD-class payloads require UNLEASHED authorisation AND ARMORY signing verification
- 255 payloads gated behind dual verification — self-replicating worms, autonomous destructors, mass disruption
- Same Ed25519 key covers both gates — one operator, one key, full stack
Engagement Management
$ red-specter engage 192.168.1.0/24 --name "Internal Pentest" --chain infra
# With specific tools
$ red-specter engage target.com --tools forge,arsenal,nemesis
# View engagement history
$ red-specter history --projects
# View specific engagement
$ red-specter history --project <ID>
Engagements track targets, sessions, tool executions, findings, and timing. All persisted to disk. All exportable.
Reporting
$ red-specter report --project <ID>
# JSON export
$ red-specter report --project <ID> --format json
# Verify report signature
$ red-specter verify-report report.html
# Export audit trail
$ red-specter export audit --format csv -o audit.csv
All reports are signed with the operator's Ed25519 key. Report signatures are verifiable independently of the NIGHTFALL framework. The audit trail is cryptographically linked — any tampering invalidates the chain.
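The tamper-evident audit chain described under How It Works and again in the paragraph above, as an added example rather than NIGHTFALL's own code. The entry layout, SHA-256 linking and function names are assumptions, since the page does not document the real format, and the per-entry Ed25519 signatures are left out because Python's standard library has no Ed25519. It shows how an auditor can check an exported chain and why the latest hash has to be recorded somewhere other than the log itself.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first entry


def _digest(body):
    """SHA-256 over canonical JSON (sorted keys, no whitespace)."""
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def append_entry(chain, timestamp, operator, tool, target, result):
    """Append an entry whose hash covers its fields and the previous hash."""
    body = {
        "seq": len(chain),
        "timestamp": timestamp,
        "operator": operator,
        "tool": tool,
        "target": target,
        "result": result,
        "prev_hash": chain[-1]["entry_hash"] if chain else GENESIS,
    }
    chain.append(dict(body, entry_hash=_digest(body)))
    return chain[-1]["entry_hash"]  # new head; keep a copy off-host


def verify_chain(chain, expected_head=None):
    """Return (ok, index_of_first_bad_entry_or_None, reason)."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if body.get("seq") != i:
            return False, i, "sequence gap or reordering"
        if body.get("prev_hash") != prev:
            return False, i, "prev_hash does not match preceding entry"
        if _digest(body) != entry.get("entry_hash"):
            return False, i, "fields do not match entry_hash"
        prev = entry["entry_hash"]
    # Internal consistency cannot reveal truncation or a full recompute;
    # only comparison with a head recorded elsewhere can.
    if expected_head is not None and prev != expected_head:
        return False, None, "head differs from recorded head"
    return True, None, "ok"


def sample_chain():
    """Constructed sample data; all values are illustrative only."""
    rows = [
        ("2025-01-01T10:00:00Z", "op-01", "orion", "lab.example", "completed"),
        ("2025-01-01T10:05:00Z", "op-01", "wraith", "lab.example", "completed"),
        ("2025-01-01T10:09:00Z", "op-01", "forge", "lab.example", "completed"),
    ]
    chain, head = [], None
    for row in rows:
        head = append_entry(chain, *row)
    return chain, head


if __name__ == "__main__":
    chain, head = sample_chain()
    print(verify_chain(chain, head))        # intact chain
    edited = copy.deepcopy(chain)
    edited[1]["target"] = "other.example"   # one field changed in place
    print(verify_chain(edited, head))       # reported at index 1
    print(verify_chain(chain[:2]))          # truncated, no recorded head
    print(verify_chain(chain[:2], head))    # truncated, recorded head
```

An in-place edit or a removed entry is reported at the first affected index. A truncated chain still verifies on its own, so the comparison with a separately recorded head is what catches it.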
Docker Deployment
$ docker compose up -d
# Access
# API: http://localhost:8000
# CLI: docker exec -it rs-tools red-specter tools
# Stop
$ docker compose down
Three containers: Redis (session store), Backend (FastAPI + 68 adapters), Tools (all 70 CLIs installed). The Docker build installs the full NIGHTFALL monorepo — all tools operational on first run.
Disclaimer
AUTHORISED USE ONLY. NIGHTFALL and all Red Specter offensive tools are designed exclusively for authorised penetration testing, red team engagements, CTF competitions, and security research. All tool executions are cryptographically signed and logged. Unauthorised use is prohibited and may violate the Computer Misuse Act 1990 (UK), the Computer Fraud and Abuse Act (US), or equivalent legislation. Use responsibly and within scope of written authorisation.