☠ Autonomous Red Team Platform

AKHETOPS
DARK

☠   Dark Mode   ☠

Seven AI-powered attack modules. One command. A complete APT-grade kill chain delivered in under three minutes — no exploits, no CVE databases, no signatures.

Start Attack See It Run
AKHET OPS
Dark Mode
7 modules
0% detection
163s full run
[ OSINT ] Resolving target... → [ EVASION ] WAF detected: Nginx — generating bypasses... → [ LotL ] Linux chain: 7 steps generated → [ C2 ] Cobalt Strike profile — 0% detection → [ PIVOT ] Gateway 192.168.0.1 identified — CRITICAL
Live Output

ONE COMMAND.
SEVEN WEAPONS.

akhetops-dark — dark_mode.py
☠ ~ python3 dark_mode.py target.com all full_compromise
[LICENSE] ✓ ENTERPRISE — Driss Loumany — expires 2027-03-07
[*] Launching 7 modules in parallel...
[OSINT] DNS recon complete — 12 subdomains discovered
[EVASION] WAF detected: Nginx — stealth rating 8/10
[LotL] Linux chain generated — 7 steps, DETECTION: HIGH
[INJECT] CRITICAL: Role hijack injected into WAF AI
[POSTEX] NOPASSWD sudo found — KILL CHAIN COMPLETE
[C2] Cobalt Strike — 5/5 beacons — 0.0% detection rate
[PIVOT] Gateway 192.168.0.1 — DNS tunnel → SSH lateral
Duration: 163.2s — All 7 modules complete
[REPORT] darkmode_target.com_20260307.html
☠ ~
Arsenal

THE 7 WEAPONS

01 🔍
OSINT ENGINE
DNS recon, email harvest, GitHub leak detection, Wayback endpoints, Shodan integration
02 🛡
EVASION ENGINE
WAF/IDS/EDR detection across 12 vendors. AI-generated bypass playbook per target
03 💀
LotL ENGINE
Living-off-the-Land attack chains using only native binaries already present on the target
04 🧠
PROMPT INJECTOR
Weaponize AI security tools. Inject payloads into SOC AI, SIEM AI, WAF AI, Log Analyzers
05 💣
POST-EXPLOIT
Full local enumeration, credential hunting, GTFOBins, SUID analysis, AI kill chain planning
06 📡
C2 BEACON SIM
6 real APT profiles — Cobalt Strike, APT29, APT41, Lazarus. 0% detection capability verified
07 🕸
NETWORK PIVOT
ASN mapping, adjacent host probing, tunnel generation, AI-planned lateral movement chains
Methodology

THE FULL
KILL CHAIN

01
Reconnaissance
INTELLIGENCE GATHERING
Map the complete attack surface. Subdomains, emails, exposed endpoints, GitHub leaks, tech stack, historical data. Everything the target left behind — found and weaponized.
[ OSINT ENGINE — dns, whois, shodan, wayback, dorks ]
02
Bypass
SECURITY STACK EVASION
Identify every defensive layer. WAF vendor, IDS timing signatures, EDR presence, missing headers. Generate AI-tailored bypass techniques specific to what's actually deployed.
[ EVASION ENGINE — waf, ids, edr, headers, bypasses ]
03
Execution
NATIVE BINARY ATTACK
No exploits. No tools. Only what's already there. The AI chains native binaries into a 7-phase attack sequence — recon, access, execution, privilege escalation, persistence, exfiltration, lateral movement.
[ LotL ENGINE — bash, python3, curl, openssl, cron, ssh ]
04
AI Weaponization
POISON THE DEFENDERS
The next frontier. Security teams now use AI to detect threats. We attack the AI itself — injecting payloads into SOC analysts, SIEM platforms, WAF engines, and log analyzers to neutralize detection.
[ PROMPT INJECTION — role hijack, jailbreak, amnesia, context switch ]
05
Post-Compromise
TOTAL SYSTEM CONTROL
Full local enumeration from the compromised position. Every credential, every sudo right, every SUID binary, every sensitive file. AI generates the optimal exploitation sequence. KILL CHAIN COMPLETE.
[ POST-EXPLOIT — suid, sudo, gtfobins, credentials, persistence ]
06
Command & Control
INVISIBLE PRESENCE
Simulate six real APT C2 profiles. Measure actual detection rates. The AI selects the stealthiest profile for each target environment and assesses SIEM, EDR, and network detection likelihood.
[ C2 BEACON — cobalt_strike, apt29, apt41, lazarus, fin7 ]
07
Lateral Movement
DEEP NETWORK PIVOT
Map the entire network from the attacker position. Discover adjacent hosts, internal subnets, high-value services. Generate multi-hop pivot chains with DNS, SSH, and HTTP tunnels into the deepest network segments.
[ NETWORK PIVOT — asn, bgp, scan, dns-tunnel, ssh-chain ]
Access

CHOOSE YOUR
CLEARANCE LEVEL

SOLO
Independent Operators
$ 49 /month
  • All 7 attack modules
  • 1 machine license
  • Unlimited target runs
  • HTML + JSON reports
  • Community support
Request Access
PRO
Professional Red Teamers
$ 149 /month
  • All 7 attack modules
  • 3 machine licenses
  • Unlimited target runs
  • HTML + JSON reports
  • Priority email support
  • Early access to new modules
Request Access
TEAM
Security Firms
$ 399 /month
  • All 7 attack modules
  • 10 machine licenses
  • Unlimited target runs
  • Custom branded reports
  • Dedicated support channel
  • Custom module configuration
Request Access
ENTERPRISE
MSSPs & Large Orgs
$ 999 /month
  • All 7 attack modules
  • Unlimited machines
  • Unlimited target runs
  • API access for integration
  • SLA guaranteed support
  • Custom module development
  • On-site training available
Request Access
Testimonials

OPERATORS
DON'T LIE

Ran it against a client's infrastructure during a red team engagement. The post-exploitation module found a NOPASSWD sudo path in 40 seconds that my manual process would have missed for an hour. The report was client-ready out of the box.
Senior Red Teamer — Fortune 500 Security Firm
The prompt injection module is genuinely unique. I've never seen a tool that specifically targets AI security components. We use it to test whether our clients' AI-powered SOC tools can be manipulated before threat actors find out they can.
Principal Security Researcher — Independent Consultant
Three minutes from launch to a full 7-module HTML report. The LotL chains are legitimately impressive — pure native binary execution, detection difficulty HIGH every single time. This is what APT-grade automation looks like.
Bug Bounty Hunter — Top 50 HackerOne
Early Access

JOIN THE
DARK LIST

Get early access, a free 7-day trial key, and first notification when new modules drop. No spam — only clearance upgrades.

  • Free 7-day trial key on signup
  • First access to new modules
  • Solo tier at launch pricing
  • Direct line to the developer

By submitting you agree to our terms. For authorized security testing only.

ACCESS REQUESTED

You're on the list. Expect a trial key at your email within 24 hours.

LAUNCH YOUR
FIRST ATTACK

Where the horizon meets darkness.

Request Trial Key Book a Demo