Offensive Security Platform Engineering — building AI-native red team tooling.

We build platforms that reduce an unknown target to an executable attack chain, with an intelligence layer applied before execution. Not automation for automation's sake — decision systems that keep the operator in control at the moments that matter.

| Tool | Description | Status |
|---|---|---|
| cobaltosec-htb-framework | AI-native HTB engagement framework (Kestrel) — intel-first orchestration, blind fingerprinting, cross-session resume | Soon |
| bb-recon | Scope-aware bug bounty recon wrapper — subfinder + httpx + nuclei with automatic out-of-scope filtering | v0.1.0 |

The standard toolchain runs blind. We add an intelligence layer first:
- Retired machines: synthesize public writeups → directed execution toward the known CVE
- Active machines: fingerprint ports/services → classify attack categories → query technique KB → prioritize execution
- Result: fewer dead ends, continuous narration, ~6 operator decisions instead of ~19

Python · Bash · Claude Code · pgvector · Kali Linux

cobalto-sec.tech · HTB: Cobalt0