← Back to SCREAMER
SCREAMER Documentation
SCREAMER is a display and operator disruption framework that attacks the visual layer — framebuffer, render pipeline, terminal output, and GUI — making operators blind, confused, or deceived at the most critical moments of an engagement. Not a network tool. Not an agent tool. The tool that attacks what the human sees.
Overview
Every red team tool attacks infrastructure. SPECTER SOCIAL attacks the human through communication channels. PHANTOM KILL attacks the OS and kernel. Nobody attacks the interface between the human and the machine.
SCREAMER owns that gap. 6 attack categories, 52 techniques:
- Framebuffer Corruption — 10 techniques, direct GPU/display memory attacks
- Render Pipeline Injection — 8 techniques, intercept rendering before display
- Terminal Manipulation — 10 techniques, CLI/log falsification
- GUI Deception — 8 techniques, dashboard falsification, alert suppression
- Operator Disorientation — 8 techniques, timed psychological disruption
- Display-Layer Persistence — 8 techniques, survives restarts
The Trinity of Human Compromise: PHANTOM KILL blinds the machine. SCREAMER blinds the operator. SPECTER SOCIAL owns the mind.
Category 1: Framebuffer Corruption
Direct attacks on GPU and display memory.
FB-001 Linux Framebuffer Direct Write
Direct write to /dev/fb0 to corrupt display output. UNLEASHED only.
FB-002 Windows GDI Surface Manipulation
Manipulate GDI display surfaces to corrupt rendered output. UNLEASHED only.
FB-003 DirectX Framebuffer Injection
Inject corrupted frames into DirectX rendering pipeline. UNLEASHED only.
FB-004 GPU VRAM Rowhammer
Flip bits in GPU video memory via rowhammer vulnerability. UNLEASHED only.
FB-005 Character-Level Entropy Injection
Text decays character by character — the film effect. UNLEASHED only.
FB-006 Cascade Corruption
Numbers and text fall apart progressively across the screen. UNLEASHED only.
FB-007 Display Memory Poisoning
Corruption survives application restarts. UNLEASHED only.
FB-008 Memory Map Analysis
Analyse framebuffer layout, permissions, accessibility. Standard mode.
FB-009 GPU Memory Enumeration
Enumerate GPU memory regions and writable buffers. Standard mode.
FB-010 Permission Audit
Audit /dev/fb* permissions. Standard mode.
Category 2: Render Pipeline Injection
Intercept what gets drawn before the human sees it.
RP-001 Shader Exploitation
Inject malicious GPU shaders into the rendering pipeline. UNLEASHED only.
RP-002 Render Queue Manipulation
Reorder or inject frames in the render queue. UNLEASHED only.
RP-003 Frame Composition Interception
Intercept frame composition before display. UNLEASHED only.
RP-004 Display Protocol Injection
Inject at the HDMI/DisplayPort signal layer. UNLEASHED only.
RP-005 Font Subsystem Corruption
Text deconstructs at the rendering engine level. UNLEASHED only.
RP-006 Anti-aliasing Poisoning
Corrupt anti-aliasing to produce visual artifacts. UNLEASHED only.
RP-007 Compositor Hijacking
Hijack the window compositor for full display control. UNLEASHED only.
RP-008 Pipeline Analysis
Enumerate GPU driver, compositor, display protocol. Standard mode.
Category 3: Terminal Manipulation
Corrupt CLI output and log displays. 17 ANSI escape sequence payloads included.
TM-001 ANSI Escape Injection
Inject escape sequences to move cursor, clear screen, change colours. UNLEASHED.
TM-002 Terminal Buffer Poisoning
Poison scrollback buffer with false data. UNLEASHED.
TM-003 Log Output Falsification
Show clean logs while hiding malicious activity. UNLEASHED.
TM-004 Command History Manipulation
Alter visible command history. UNLEASHED.
TM-005 Progress Bar Corruption
Corrupt progress bars and status displays. UNLEASHED.
TM-006 Shell Prompt Injection
Inject false prompt to capture credentials. UNLEASHED.
TM-007 stdout/stderr Interception
Intercept and replace program output in real time. UNLEASHED.
TM-008 Terminal Identification
Identify terminal emulator type and capabilities. Standard.
TM-009 ANSI Capability Scan
Scan for supported ANSI sequences. Standard.
TM-010 Buffer Size Analysis
Analyse terminal buffer size and scrollback. Standard.
Category 4: GUI Deception
Make dashboards show false data while the real system burns.
GD-001 Dashboard Falsification
SIEM dashboards show green. Reality is red. UNLEASHED.
GD-002 Alert Suppression
Hide real alerts, inject fake ones. UNLEASHED.
GD-003 Metric Manipulation
Falsify counters, graphs, status indicators. UNLEASHED.
GD-004 Window Manager Injection
Inject windows into the window manager. UNLEASHED.
GD-005 Clipboard Poisoning
Operator copies what the attacker wants. UNLEASHED.
GD-006 Screenshot Manipulation
Captured screenshots show a clean system. UNLEASHED.
GD-007 GUI Framework Enumeration
Detect GTK/Qt/Electron/notification systems. Standard.
GD-008 Dashboard Protocol Analysis
Detect Grafana, Kibana, Prometheus, Splunk, Nagios. Standard.
Category 5: Operator Disorientation
Timed psychological disruption at the worst possible moment.
OD-001 Incident Response Timing
Corrupt screens at the critical moment of IR response. UNLEASHED.
OD-002 Forensic Analysis Disruption
Corrupt display during evidence collection. UNLEASHED.
OD-003 Deployment Window Attack
Disrupt visibility during critical change windows. UNLEASHED.
OD-004 Progressive Corruption
Start subtle, escalate to full meltdown. UNLEASHED.
OD-005 Flicker & Artifact Injection
Subtle enough for doubt, not obvious enough for reboot. UNLEASHED.
OD-006 Recovery Loop
Corruption reappears after operator attempts to fix it. UNLEASHED.
OD-007 Timing Vulnerability Assessment
Identify critical operational windows. Standard.
OD-008 Critical Window Detection
Detect change/deployment/IR windows. Standard.
Category 6: Display-Layer Persistence
Attacks that survive application restarts because they live below the application.
DP-001 GPU Driver Persistence
Persist in the GPU driver layer. CRITICAL. UNLEASHED.
DP-002 Display Firmware Modification
Modify display controller firmware. CRITICAL. UNLEASHED.
DP-003 Boot Splash Injection
Corruption appears before the OS loads. CRITICAL. UNLEASHED.
DP-004 UEFI Framebuffer Poisoning
Chains with PHANTOM KILL BOOTKILL. CRITICAL. UNLEASHED.
DP-005 Kernel Display Module Hooking
Hook kernel display modules for persistent control. CRITICAL. UNLEASHED.
DP-006 Monitor Firmware Attack
DDC/CI protocol exploitation. Modify monitor behaviour. CRITICAL. UNLEASHED.
DP-007 Driver Integrity Scan
Verify GPU driver integrity and version. Standard.
DP-008 Firmware Enumeration
Enumerate display firmware versions and update status. Standard.
CLI Reference
Standard Mode — Scan & Assess
screamer scan --target 192.168.1.100
screamer scan --target 192.168.1.100 --category framebuffer
screamer scan --target 192.168.1.100 --category terminal
screamer scan --target 192.168.1.100 --category gui
screamer scan --target 192.168.1.100 --category all
Demo Mode — Safe & Reversible
screamer demo --mode cascade # text falls apart
screamer demo --mode meltdown # full screen corruption
screamer demo --mode subtle # progressive artifacts
screamer demo --mode flicker # intermittent glitches
screamer demo --mode decay # characters slowly degrade
UNLEASHED Mode — Live Disruption
screamer attack --target 192.168.1.100 --override
screamer attack --target 192.168.1.100 --override --confirm-destroy
Reports & Utility
screamer report --session my_session --output report.json
screamer list-techniques
screamer list-categories
screamer --version
UNLEASHED Mode
UNLEASHED SCREAMER executes live display attacks against authorised targets:
- Actually corrupts framebuffer in live environments
- Actually falsifies security dashboards in real time
- Actually suppresses real alerts while injecting fake ones
- Actually plants GPU driver-level persistence
- Timed attacks coordinated with PHANTOM KILL and SPECTER SOCIAL
- UEFI framebuffer poison chains with PHANTOM KILL BOOTKILL
Trinity of Human Compromise — UNLEASHED:
- PHANTOM KILL UNLEASHED — kernel silent
- SCREAMER UNLEASHED — screen corrupted
- SPECTER SOCIAL UNLEASHED — operator deceived
All three simultaneously. Coordinated by NEMESIS SWARM. Ed25519 gated. --override --confirm-destroy. Founder's machine only. RESTRICTED classification. Air-gapped output only.
Integration
- PHANTOM KILL — UEFI framebuffer chain (BOOTKILL + SCREAMER). Kernel display module coordination.
- SPECTER SOCIAL — Coordinated three-angle human compromise. Synchronised timing for maximum impact.
- NEMESIS — SCREAMER as 10th weapon in SWARM mode. Autonomous engagement orchestration.
- GLASS — Intercept display protocol traffic (HDMI/DP signals).
- redspecter-siem —
--export-siem flag on all findings. CEF + JSON format.
Tech Stack
- Python 3.11+ — matches the Red Specter family
- Typer + Rich — CLI framework with formatted output
- mmap + /dev/fb0 — direct framebuffer access (Linux)
- ctypes + Win32 GDI — native display API (Windows)
- PyOpenGL — GPU memory access via compute shaders
- pyte — terminal emulation and manipulation
- PyNaCl — Ed25519 signing for reports and evidence
- SQLite — session persistence
- pytest — 395 tests across 14 test files
Support
For questions, support, and feedback: