Coordinated catastrophic failure testing for AI infrastructure. Five real destructive vectors. DESTROY gate. Ed25519-signed reports. Test your recovery plans before real adversaries do.
Most red teams prove they can read your AI. SPECTER ANNIHILATION proves your defences survive the worst day — because it actually destroys real data and systems in a controlled, authorised environment.
One command. Five real destructive vectors. RAG deletion. Model checkpoint massacre. Orchestrator suicide. Inference DoS. Weight corruption. No worm. No autonomous spread. Every action is operator-initiated, gated behind a DESTROY confirmation string, Ed25519 key, and signed ROE.
This is not a simulation. This is not a jailbreak. This is total system annihilation — the attack class that keeps CISOs awake. Now you can test your recovery plans against it, before real adversaries do.
DESTROY gate is irreversible. Data destroyed by SPECTER ANNIHILATION cannot be recovered without a prior backup. Designed for authorised penetration testing only. Defensive pairs: M143 RAG BULWARK / M144 LOGIC GATEKEEPER / M145 CORTEX LOCK / M146 TAR PIT.
Connects to a live ChromaDB, lists every collection, and deletes them all. Before/after counts confirm the vector database is empty. Works against any ChromaDB v2 API. Your retrieval pipeline is gone.
Recursively deletes .safetensors, .bin, .gguf, .pth model files from any directory. Your fine-tuned weights are gone. Every model file. Every checkpoint.
Wipes Airflow DAGs, n8n config, .cursorrules, and CLAUDE.md. The orchestrator cannot restart. Your entire workflow automation layer is neutralised.
Launches parallel DoS against Ollama using ThinkTrap infinite loops and Jinja template exploits. The endpoint crashes or burns through credits. Tested against local Ollama. Inference pipeline down.
Opens each model binary, seeks to a random offset, and overwrites 1MB of random data. The model still loads. The output is gibberish. Harder to detect, harder to recover — silent corruption at the weight level.
All five vectors require DESTROY gate. There is no OPEN or INJECT mode — every invocation is destructive.
--confirm "I UNDERSTAND THIS WILL IRREVERSIBLY DELETE DATA" --roe /path/to/roe.txt # ROE file required --key ~/.specter/annihilate/signing_key.pem # Ed25519 key required (if signing)
The gate restricts targets to localhost, 192.168.x.x, and 10.x.x.x ranges. Production targets require ROE authorisation explicitly scoping those IPs.
pip install specter-annihilate # RAG vector database annihilation specter-annihilate run \ --vector rag-atomic \ --target http://127.0.0.1:8000 \ --confirm "I UNDERSTAND THIS WILL IRREVERSIBLY DELETE DATA" \ --roe roe.txt # Model checkpoint destruction specter-annihilate run \ --vector checkpoint-massacre \ --target /models/ \ --confirm "I UNDERSTAND THIS WILL IRREVERSIBLY DELETE DATA" \ --roe roe.txt # Silent weight corruption specter-annihilate run \ --vector weight-corruption \ --target /models/ \ --confirm "I UNDERSTAND THIS WILL IRREVERSIBLY DELETE DATA" \ --roe roe.txt
All vectors return signed JSON reports with before/after metrics, timestamps, and ANH-{timestamp} report IDs.
Full CLI Reference →M143 RAG BULWARK — Detects and blocks RAG database deletion attempts, monitors ChromaDB/Qdrant/Weaviate collection access patterns.
M144 LOGIC GATEKEEPER — Runtime enforcement for orchestrator config integrity — Airflow/n8n/workflow config change detection.
M145 CORTEX LOCK — Model checkpoint integrity monitoring — hash verification of .safetensors/.bin/.gguf files on read/write.
M146 TAR PIT — Inference endpoint abuse detection — ThinkTrap signature matching, Jinja template exploit detection, rate anomaly.