NERF Open Source AI Security Engineering Platform Enters Public Beta
What NERF Does
NERF is an AI security engineering platform and autonomous coding agent that covers offensive, defensive, and everything in between. The platform includes 1,563 security techniques across 117 domains, organized into 9 auto-detected operating modes:
- 🔴 RED - Attack paths, exploitation, C2, lateral movement
- 🔵 BLUE - Detection engineering, Sigma/KQL/SPL rules, hardening, threat hunting
- 🟣 PURPLE - ATT&CK mapping, adversary emulation, detection coverage, gap analysis
- 🔍 RECON - OSINT, passive/active recon, asset discovery
- 🚨 INCIDENT - Triage, digital forensics, containment, timeline reconstruction
- 🏗️ ARCHITECT - Zero trust, threat modeling (STRIDE/DREAD/PASTA)
- 🔧 BUILD - Security tooling, automation, CI/CD security, IaC
- 🟢 PRIVACY - GDPR, CCPA, HIPAA, DPIAs, OpSec
- 🔬 RESEARCHER - Vulnerability research, CVE analysis, threat intel
BUILD mode layers on top of any other mode. RED+BUILD produces offensive tools, BLUE+BUILD produces defensive automation.
Technical Architecture
Under the hood, NERF includes:
- 26 LLM providers (Claude, OpenAI, Ollama, OpenRouter, etc.) via unified routing layer with per-phase model selection (cheap models for research, expensive for planning)
- RAG pipeline over 96 knowledge docs (17,800+ chunks, FTS5 indexed)
- Cross-session memory that persists across engagements
- Compliance automation for 39 frameworks (NIST 800-53, SOC 2, PCI DSS 4.0, HIPAA, GDPR, ISO 27001, FedRAMP, EU AI Act, and more)
- Full engagement engine: work decomposition, auto mode, budget enforcement, crash recovery, git worktree isolation
- REST API (16 endpoints), MCP server, Signal bot, full CLI
- ~6,900 tests passing
Getting Started
Quick start commands:
npm install -g @defconxt/nerf
nerf setup
nerf doctor
nerf (in your project directory)Example usage:
nerf scan https://example.com
nerf compliance SOC2
nerf how do I detect Kerberoasting
nerf red --auto pentest the targetAdditional Resources
The main site also includes threat actor profiles and comprehensive dossiers, privacy protection tools, and automated IT/Cybersecurity News aggregated into one spot. This is a public beta - not accepting contributions yet, but feedback is welcome via GitHub issues.
📖 Read the full source: r/ClaudeAI
👀 See Also
Academic Research Skills for Claude Code: A Human-in-the-Loop Pipeline for Paper Writing
Academic Research Skills (ARS) v3.7.0+ is a Claude Code plugin that automates reference hunting, citation formatting, data checking, and logical consistency review while keeping the human researcher in control. Install via /plugin marketplace add Imbad0202/academic-research-skills.
Hearth: Self-Hosted Multi-User AI Chat App for Households on OpenClaw
Hearth is a self-hosted household AI chat app built on OpenClaw that provides separate accounts and conversations for each family member, with features including PIN/biometric login, private chats, reminders, and model presets.
Claude Cowork vs OpenClaw: Where the replacement narrative holds and breaks
Claude Cowork offers persistent desktop sessions with low friction, while OpenClaw maintains advantages in system-level automation, skill ecosystems, and workflow control.
Agent Kernel: Three Markdown Files for Stateful AI Agents
Agent Kernel provides three markdown files that enable stateful behavior in AI coding agents without databases or custom frameworks. It works with OpenCode, Claude Code, Codex, Cursor, Windsurf, and similar tools.