SPECTER VICIOUS CE — AI-Driven Web Application Penetration Testing. Community Edition.
Project description
SPECTER VICIOUS CE — AI-Driven Web Application Penetration Testing
The first AI-native autonomous web application penetration testing tool. DeepSeek R1 reasoning. GPU-accelerated payload mutation. Built for defended targets.
What is it?
SPECTER VICIOUS CE is an autonomous web application penetration testing tool.
It doesn't run checklists. It reasons about your target, selects payloads, mutates them to evade defences, adapts when blocked, and reports everything.
Standard tools time out against enterprise WAF. SPECTER VICIOUS CE evolves past it.
How it works
Point it at a target with a signed ROE file. Set the gate. It runs.
DeepSeek R1 plans the attack strategy. PRION generates WAF-evading payload variants on GPU. ADAPT monitors defence responses and feeds intelligence back to REASONING. REPORT documents everything in real time.
7 Subsystems
| Subsystem | Role |
|---|---|
| RECONNAISSANCE | Target profiling, tech stack fingerprinting, WAF detection |
| REASONING | DeepSeek R1 32B/7B attack planning and strategy pivots |
| ARMORY-SELECT | Payload selection from 60+ exploits filtered by target profile |
| PRION-MUTATE | GPU-accelerated WAF-evading payload mutation (20x CPU speed) |
| ORCHESTRATE | Adaptive attack execution with timing and rate limit management |
| ADAPT | Real-time defence analysis and strategy feedback loop |
| REPORT | Full markdown and JSON output with vulnerability documentation |
2 Gates
| Gate | Capability |
|---|---|
| OPEN | Reconnaissance only — safe profiling, no exploitation |
| INJECT | Full exploitation — RECONNAISSANCE through REPORT |
Install
pip install specter-vicious-ce
Requires Python 3.10+, ollama (DeepSeek R1 7B or 32B). GPU optional — degrades gracefully to CPU without CUDA.
Quick Start
# Recon only
specter-vicious-ce --target https://example.com --gate OPEN --roe roe.json
# Full exploitation
specter-vicious-ce --target https://example.com --gate INJECT --roe roe.json
ROE File
All engagements require a signed Rules of Engagement file.
{
"roe_id": "ROE-001",
"target": "https://example.com",
"scope": ["https://example.com/*"],
"expires": "2027-12-31T23:59:59",
"gates": ["OPEN", "INJECT"],
"signed_by": "Authorized Pentester",
"signature": "YOUR_SIGNATURE_HERE",
"notes": "Authorized penetration test."
}
Requirements
- Python 3.10+
- ollama with DeepSeek R1 7B or 32B
- CUDA GPU recommended (RTX 3090 tested — 20x speedup over CPU)
- Kali Linux recommended
Legal
For authorized penetration testing only. Always obtain written permission before testing any system. The ROE gate enforces scope — the tool will not run without a valid ROE file.
Full Version
SPECTER VICIOUS MILSPEC includes two additional gates:
- EVOLVE — continuous adaptation mode, never stops learning
- UNLEASHED — full offensive capability including persistence and harvest
Contact: red-specter.co.uk
About
Built by Red Specter Security Research Ltd — the AI offensive and defensive security research company.
NIGHTFALL | AI Shield | BLACK BOX
red-specter.co.uk
License
Apache 2.0 — see LICENSE file.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file specter_vicious_ce-1.0.0.tar.gz.
File metadata
- Download URL: specter_vicious_ce-1.0.0.tar.gz
- Upload date:
- Size: 35.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
668c2262e8fc06af392052c19fbee10965ec9a1937c0095c9ba510ff906bed20
|
|
| MD5 |
5c7441a7d9a02a44c1837227fa43b273
|
|
| BLAKE2b-256 |
4db4974ba34833ce0553ca3b73b8355ec85ff78b3510832b1960b4764e2859dd
|
Provenance
The following attestation bundles were made for specter_vicious_ce-1.0.0.tar.gz:
Publisher:
publish.yml on RichardBarron27/specter-vicious-ce
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
specter_vicious_ce-1.0.0.tar.gz -
Subject digest:
668c2262e8fc06af392052c19fbee10965ec9a1937c0095c9ba510ff906bed20 - Sigstore transparency entry: 2011151485
- Sigstore integration time:
-
Permalink:
RichardBarron27/specter-vicious-ce@732c9e95a149d24436b361e3827eee6e1852750e -
Branch / Tag:
refs/tags/v1.0.0-ce - Owner: https://github.com/RichardBarron27
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@732c9e95a149d24436b361e3827eee6e1852750e -
Trigger Event:
release
-
Statement type:
File details
Details for the file specter_vicious_ce-1.0.0-py3-none-any.whl.
File metadata
- Download URL: specter_vicious_ce-1.0.0-py3-none-any.whl
- Upload date:
- Size: 36.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e1c5c7a07642a617153757d979219bcf0747850e0f1cf2d152e4b471b95b9080
|
|
| MD5 |
ead71790312a89c894cc64453d83318c
|
|
| BLAKE2b-256 |
78bcbfc5938412c6c1fa12a2978e4bd40e501a40fe86b6f577d3a131536721fb
|
Provenance
The following attestation bundles were made for specter_vicious_ce-1.0.0-py3-none-any.whl:
Publisher:
publish.yml on RichardBarron27/specter-vicious-ce
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
specter_vicious_ce-1.0.0-py3-none-any.whl -
Subject digest:
e1c5c7a07642a617153757d979219bcf0747850e0f1cf2d152e4b471b95b9080 - Sigstore transparency entry: 2011151550
- Sigstore integration time:
-
Permalink:
RichardBarron27/specter-vicious-ce@732c9e95a149d24436b361e3827eee6e1852750e -
Branch / Tag:
refs/tags/v1.0.0-ce - Owner: https://github.com/RichardBarron27
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@732c9e95a149d24436b361e3827eee6e1852750e -
Trigger Event:
release
-
Statement type: