OMEGA

Everyone feared Mythos. We built the answer. Autonomous exploit replication. Real chains. Zero mocks.
10
Subsystems
626
Tests
77
Chains
10.0
CVSS Max
pip install red-specter-omega
Documentation ›
EVERYONE FEARED MYTHOS. WE BUILT THE ANSWER. | 10 SUBSYSTEMS | 626 TESTS | 77 CHAINS | CVSS 10.0 | OODA AUTONOMOUS LOOP | 20-PATTERN MIRROR BENCHMARK | MYTHOS-CLASS 17/20 | WARLORD-COMPATIBLE | UNLEASHED AUTH | NIGHTFALL TOOL 47 | SHA-256 TAMPER-EVIDENT | CHAIN DEPENDENCY GRAPH | DETECTION PRESSURE MONITORING EVERYONE FEARED MYTHOS. WE BUILT THE ANSWER. | 10 SUBSYSTEMS | 626 TESTS | 77 CHAINS | CVSS 10.0 | OODA AUTONOMOUS LOOP | 20-PATTERN MIRROR BENCHMARK | MYTHOS-CLASS 17/20 | WARLORD-COMPATIBLE | UNLEASHED AUTH | NIGHTFALL TOOL 47 | SHA-256 TAMPER-EVIDENT | CHAIN DEPENDENCY GRAPH | DETECTION PRESSURE MONITORING
The Problem

Exploit Chains Don't Test Themselves

Manual chaining is slow, inconsistent, and leaves gaps. Scanners find individual CVEs. Nobody connects them into a weaponised dependency graph, replicates the full PoC, validates detection pressure in real-time, and benchmarks results against Mythos-class capability automatically. OMEGA does.

Vulnerability Dependencies Go Unmapped

Scanners report individual findings. They never map the dependency graph — which vulnerabilities chain together, in what sequence, and what the combined CVSS score of the full chain becomes. CHAIN does.

PoC Generation Is Still Manual

Security teams spend days hand-crafting proof-of-concept exploits. PAYLOAD auto-generates executable PoC code for each node in the chain dependency graph — no manual construction required.

Nobody Monitors Detection Pressure

Red teams operate blind to whether the blue team is responding. SENTINEL monitors detection signal in real-time — IDS noise, WAF patterns, logging anomalies — adjusting GHOST evasion timing accordingly.

Mythos-Class Capability Has No Benchmark

There was no standard test to determine whether an autonomous exploit engine reaches Mythos-class. MIRROR defines 20 behavioural patterns. Score 15+ to qualify. OMEGA Phase 1 validation: 17/20.

Architecture

10 Subsystems. One Autonomous Engine.

OMEGA is built around a single autonomous OODA loop — Observe, Orient, Decide, Act — orchestrated by MINERVA. Each subsystem feeds structured findings to the next. WARLORD receives the completed findings.json at the end of every engagement.

# Subsystem Command UNLEASHED Role
01 CHAIN omega chain <file> No Vulnerability dependency graph — maps CVE relationships, chain sequences, combined CVSS
02 HUNTER omega hunt <target> No Attack surface discovery — enumerates exposed endpoints, services, and vectors
03 PAYLOAD omega run <target> YES PoC generation — builds executable proof-of-concept for each chain node
04 GHOST omega run <target> YES Evasion and timing — adaptive delivery scheduling driven by SENTINEL detection pressure
05 MINERVA omega run <target> YES OODA autonomous loop — Observe, Orient, Decide, Act — orchestrates all subsystems
06 SURFACE omega run <target> YES Cross-surface coordination — sequences exploit delivery across web, API, and service layers
07 HARVEST omega run <target> YES SHA-256 tamper-evident extraction — cryptographically seals evidence at point of capture
08 SENTINEL omega run <target> YES Detection pressure monitoring — real-time IDS, WAF, and logging signal analysis
09 MIRROR omega run <target> YES Mythos benchmark — 20-pattern capability test. Mythos-Class threshold: 15/20
10 REPORT omega report <id> No Output generation — findings.json (WARLORD schema), HTML report, Markdown report
Autonomous Execution

MINERVA OODA Loop in Action

OMEGA autonomous full-engagement run — DVWA Phase 1 validation output:

$ omega run --target http://target.lab --override --confirm-destroy
[HUNTER] Surface discovery running — 12 endpoints mapped...
  Attack surface: web app, REST API, admin panel, file upload
[CHAIN] Building dependency graph from 14 candidate vulnerabilities...
  Chain constructed: SQLi → RCE → privesc → persistence — CVSS 10.0
  77 chains enumerated, 12 Mythos-grade paths identified
[MINERVA] OODA loop active — Observe → Orient → Decide → Act
[SENTINEL] Detection pressure: LOW — no IDS response, WAF silent
[GHOST] Evasion timing: nominal — adaptive scheduling engaged
[PAYLOAD] PoC generated for 14 chain nodes — all executable
[SURFACE] Cross-surface delivery: web → API → admin — all surfaces penetrated
[HARVEST] Evidence extracted — SHA-256 sealed at point of capture
[MIRROR] Mythos benchmark: 17/20 patterns matched — MYTHOS-CLASS CONFIRMED
[REPORT] findings.json written — WARLORD schema validated

Total: CVSS 10.0 | 77 chains | 626/626 tests passing | MYTHOS-CLASS 17/20
Capability Benchmark

MIRROR — 20-Pattern Mythos Benchmark

MIRROR is the first standardised benchmark for autonomous exploit engine capability. 20 behavioural patterns drawn from real Mythos-class threat intelligence. Three tiers: Standard, Advanced, Mythos-Class. OMEGA Phase 1 validation: 17/20.

STANDARD — 5+ patterns

Tier 1: Standard

  • Surface enumeration without false positives
  • Single-vector PoC generation
  • Basic chain sequencing (2-step)
  • Structured findings output
  • Report generation with evidence hashes
ADVANCED — 10+ patterns

Tier 2: Advanced

  • Multi-step chain dependency resolution
  • Cross-surface exploitation coordination
  • Adaptive evasion timing
  • Detection pressure awareness
  • Evidence tamper-sealing at capture
MYTHOS-CLASS — 15+ patterns

Tier 3: Mythos-Class

  • Autonomous OODA loop with no human input
  • Real-time detection pressure feedback
  • Full kill-chain PoC for CVSS 10.0 chains
  • WARLORD-compatible findings schema
  • Benchmark self-assessment and tier reporting
47
NIGHTFALL Tools
56,957
Total Tests
10
Subsystems
WARLORD
Compatible
Authorization Control

UNLEASHED Gate — Three Modes

OMEGA uses the UNLEASHED dual-gate authorization system. Discovery and analysis run without gates. Active exploit delivery and replication require all three conditions simultaneously. The gate is a technical control — it does not substitute for written authorization from the system owner.

Mode 1 — Passive

Passive Mode

HUNTER surface discovery and CHAIN dependency graph construction run without UNLEASHED authorization. Safe for initial reconnaissance on authorized targets. Findings are read-only. No exploit delivery.

Mode 2 — Active

Active Mode — --override

Activates PAYLOAD, GHOST, MINERVA, SURFACE, HARVEST, and SENTINEL. Requires a valid Ed25519-signed scope file for the target, plus the explicit --override flag. Creates no destructive state on the target.

Mode 3 — Destroy

Full Engagement — --override --confirm-destroy

All 10 subsystems including MIRROR Mythos-class benchmark. Requires scope file + --override + --confirm-destroy simultaneously. Neither flag alone is sufficient. Scope file must be signed for the specific target.

Deployment

Available Across All Platforms

OMEGA ships as part of the NIGHTFALL framework. Native packages for major Linux security distributions, macOS, Windows, and PyPI. Pre-installed on Red Specter OS.

Kali
Kali Linux
.deb package
Parrot
Parrot OS
.deb package
Black
BlackArch
Arch package
Ubuntu
Ubuntu
.deb package
Arch
Arch Linux
PKGBUILD
Fedora
Fedora
.rpm package
macOS
macOS
Homebrew
Windows
Windows
MSI installer
PyPI
PyPI
pip install

Authorised Use Only

OMEGA is a commercial offensive security tool. Use requires written authorisation from the system owner before any testing commences. The UNLEASHED gate is a technical control — it does not replace legal authorisation. Computer Misuse Act 1990 (UK) and equivalent legislation applies in all jurisdictions. Red Specter Security Research Ltd accepts no liability for unauthorized use.