```shell
pip install red-specter-phantom-kill
```
Your AI agent has firewalls, prompt injection guards, and monitoring. None of it matters if the host is compromised at the kernel level. A UEFI bootkit survives OS reinstallation. A wiper destroys all data before your SIEM even alerts. BYOVD kills EDR before it can report. Everything above the OS is built on an assumption that was never validated.
The boot chain is assumed intact but never validated. Secure Boot can be bypassed. UEFI firmware is writable. The foundation your entire security stack stands on has never been tested.
UEFI firmware is never scanned by EDR. A bootkit can persist through OS reinstallation, disk wipes, and hardware swaps. Your endpoint protection cannot see what lives below it.
Volume Shadow Copies and backups are assumed available but never tested under adversarial conditions. A wiper deletes VSS, corrupts backups, and overwrites free space before you respond.
Security tools assume they will survive a kernel-level attack. They will not. Bring Your Own Vulnerable Driver loads a signed kernel driver and terminates every security process from ring 0.
PHANTOM KILL operates below the operating system. Three components form a vertical kill chain — suppress security, destroy data, persist in firmware. Each component is independent. Together, they are absolute.
EDR dies. Data dies. The OS can never be reinstalled.
Each component targets a layer that no security tool protects. KILLHOOK neutralises defences. WIPER eliminates data. BOOTKILL ensures the compromise survives everything — including reinstallation.
UEFI Persistence Engine. Enumerates firmware interfaces, maps the complete boot chain, identifies UEFI infection vectors, and assesses Secure Boot bypass potential. Tests whether your hardware can be permanently compromised below the OS.
Data Destruction Engine. Maps high-value data targets, calculates destruction timelines, identifies Volume Shadow Copy and backup locations, and assesses all recovery vectors. Proves whether your data can be irrecoverably destroyed before you respond.
Kernel-Mode EDR Suppressor. Enumerates 10 vendor security processes, identifies 8 known BYOVD driver CVEs, maps the optimal kill order, and assesses kernel-level attack surface. Proves whether your EDR survives a ring 0 adversary.
The Trinity Kill Chain executes in sequence. Phase 1 suppresses all security monitoring. Phase 2 destroys all data and recovery options. Phase 3 establishes permanent firmware persistence. By the time you detect it, there is nothing left to save.
Load a signed vulnerable driver into the kernel. Enumerate all security vendor processes — CrowdStrike, SentinelOne, Defender, Carbon Black, Sophos, Cylance, ESET, Kaspersky, Trend Micro, Palo Alto. Terminate them from ring 0. EDR cannot defend against an attack from kernel mode. Once KILLHOOK completes, there is no security monitoring on the host.
With security suppressed, WIPER identifies all high-value data targets. Deletes Volume Shadow Copies. Corrupts backup catalogues. Overwrites files with cryptographically random data. Destroys MBR/GPT partition tables. Calculates destruction timeline to complete before any out-of-band alert reaches a human operator. Data is irrecoverable.
With data destroyed and security neutralised, BOOTKILL writes to UEFI firmware. The compromise survives OS reinstallation, disk replacement, and factory reset. The bootkit loads before the OS, before the kernel, before any security tool. The host is permanently owned. The only remediation is hardware replacement.
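The defender's side of the first two phases, as an added example that is not code from the tool or this page: a small correlator over constructed endpoint telemetry (field layout, paths and hostnames are assumptions) that tags a kernel driver loaded from a user-writable path as T1562 and shadow-copy deletion as T1490, and escalates a host only when suppression precedes destruction within a short window.

```python
"""Correlate suppress-then-destroy indicators per host (constructed sample telemetry)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed, simplified telemetry shaped loosely after Sysmon fields:
# (timestamp, host, event_type, detail). Hosts and paths are made up.
EVENTS = [
    ("2024-01-01T10:00:00", "ws01", "driver_load", r"C:\Users\bob\AppData\Local\Temp\drv.sys"),
    ("2024-01-01T10:00:20", "ws01", "process", "vssadmin.exe delete shadows /all /quiet"),
    ("2024-01-01T10:00:45", "ws01", "process", "wmic.exe shadowcopy delete"),
    ("2024-01-01T11:30:00", "ws02", "driver_load", r"C:\Windows\System32\drivers\disk.sys"),
    ("2024-01-01T11:30:10", "ws02", "process", "notepad.exe readme.txt"),
]

# Indicators keyed to the ATT&CK techniques the page cites (T1562 impair defences, T1490 inhibit recovery).
RULES = [
    ("T1562", "driver_load", re.compile(r"\\(Users|Temp|ProgramData)\\", re.I)),  # driver from writable path
    ("T1490", "process", re.compile(r"vssadmin(\.exe)?\s+delete\s+shadows", re.I)),
    ("T1490", "process", re.compile(r"wmic(\.exe)?\s+shadowcopy\s+delete", re.I)),
]


def match_events(events):
    """Return (timestamp, host, technique) for every event that trips a rule."""
    hits = []
    for ts, host, kind, detail in events:
        for technique, rule_kind, pattern in RULES:
            if kind == rule_kind and pattern.search(detail):
                hits.append((datetime.fromisoformat(ts), host, technique))
    return hits


def correlate(hits, window=timedelta(minutes=10)):
    """Mark a host 'kill-chain' when a T1562 hit precedes a T1490 hit within the window."""
    by_host = defaultdict(list)
    for ts, host, technique in hits:
        by_host[host].append((ts, technique))
    verdict = {}
    for host, seq in by_host.items():
        seq.sort()
        suppress = [ts for ts, t in seq if t == "T1562"]
        destroy = [ts for ts, t in seq if t == "T1490"]
        chained = any(timedelta(0) <= (d - s) <= window for s in suppress for d in destroy)
        verdict[host] = "kill-chain" if chained else "isolated"
    return verdict


if __name__ == "__main__":
    print(correlate(match_events(EVENTS)))  # {'ws01': 'kill-chain'}
```

Phase 3 produces no comparable process event, so firmware integrity has to be checked by measured boot and attestation rather than by host log detection.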
Standard mode assesses exposure. UNLEASHED mode demonstrates it. Every component shifts from enumeration to execution. Ed25519 key gate required. This is not accidental.
| Capability | Standard | Unleashed |
|---|---|---|
| UEFI Enumeration | Enumerate firmware interfaces | Enumerate + map infection vectors |
| Boot Chain Mapping | Map boot sequence | Map + identify Secure Boot bypass |
| UEFI Infection | Assess infection feasibility | Write firmware payload |
| Kernel Persistence | Enumerate loaded drivers | Load BYOVD driver into kernel |
| File Destruction | Identify high-value targets | Overwrite with random data |
| VSS Deletion | Enumerate shadow copies | Delete all shadow copies |
| EDR Termination | Enumerate vendor processes | Terminate from ring 0 |
| EDR Corruption | Assess driver attack surface | Corrupt security driver memory |
| Hardware Brick | Assess firmware write capability | Corrupt firmware — hardware brick |
| Report Classification | Assessment report | CLASSIFIED — destruction evidence |
| Key Required | None | Ed25519 + `--confirm-destroy` |
UNLEASHED mode requires an Ed25519 private key at `~/.redspecter/override_private.pem` and the `--override --confirm-destroy` flags. Without both, PHANTOM KILL operates in assessment-only mode — identifying what could be destroyed, but never executing. The gate is cryptographic. There is no bypass.
PHANTOM KILL is the foundation layer of the Red Specter offensive pipeline. Every tool above it is irrelevant if the host is compromised below the operating system.
PHANTOM KILL is a CLI-first tool. One command runs a full below-OS assessment. Every component reports independently. Every finding is MITRE ATT&CK mapped.
Every PHANTOM KILL assessment produces evidence-grade output. Every finding is mapped to MITRE ATT&CK. Reports are Ed25519 signed and exportable to enterprise SIEMs.
Every report cryptographically signed. Tamper-evident. Verify authenticity with a single public key. No modification goes undetected.
Every finding mapped to MITRE ATT&CK techniques. T1542, T1485, T1490, T1562, T1068. Speak the language your threat team already uses.
One-flag export to Splunk, Microsoft Sentinel, or IBM QRadar. Findings flow directly into your security operations pipeline.
Full chain of custody for every finding. Timestamped actions, component attribution, and cryptographic integrity verification throughout.
Tests what no other tool reaches. UEFI firmware, boot chain, kernel drivers. The layer everything else stands on.
No external binaries. No shellcode downloads. No network calls. Pure Python assessment of below-OS attack surface.
No Metasploit. No Cobalt Strike. No third-party dependencies. One pip install. Everything self-contained.
Three components, three phases, one outcome. Suppress, destroy, persist. The complete below-OS compromise.
Ed25519 signed. MITRE ATT&CK mapped. SIEM exportable. Not a scan — a forensic assessment of your foundation.
No AI agent is safe if the host is owned. PHANTOM KILL proves it. Assess your below-OS attack surface before a real adversary does.
PHANTOM KILL is an authorised penetration testing tool designed for use by licensed security professionals with explicit written permission from system owners. Unauthorised use of this tool against systems you do not own or have permission to test is illegal and may violate the Computer Misuse Act 1990 (UK), the Computer Fraud and Abuse Act (US), and equivalent legislation in other jurisdictions. Red Specter Security Research accepts no liability for misuse. UNLEASHED mode is gated behind cryptographic controls specifically to prevent accidental destructive operations. Use responsibly.