
14,220 Repos. Location: USSR. Weaponizing Claude Code for Offensive Security.

  • Writer: Patrick Duggan
  • Mar 19
  • 3 min read

Updated: Apr 25

We followed the Handala wiper network. It led to 120 offensive AI skills, MANPADS documentation, and the biggest collection node we've ever seen.


Two weeks ago we found Iran's Handala wiper masquerading as a CrowdStrike update on GitHub. The repo was published by an account called MrDomainAdmin — 20 repos, zero followers, no bio. A ghost.


Today we followed the followers.



The Network


MrDomainAdmin has 7 followers. One of them is killvxk.


killvxk has 14,220 public repositories. Self-identified location: "USSR." 1,579 followers. Following: nobody of consequence.


The account is a collection node — a systematic aggregator of offensive tooling, translated to Chinese, updated daily. As of today, March 19, 2026, these repos were created or updated in the last 72 hours:


  • malskills-zh — "Offensive security skills plugin for Claude Code — 120 skills for authorized pentesting." Created March 18, 2026. One hundred and twenty offensive capabilities packaged as plugins for Anthropic's Claude Code AI assistant. Translated to Chinese.

  • frida-pp — "Claude Code skill for automating phantom-frida compilation with anti-detection features." Created March 9, 2026. Automates the compilation of Frida with EDR evasion — via Claude Code.

  • heretic — "Fully automatic censorship removal for language models." Created March 18, 2026. An LLM jailbreak tool.

  • MANPADS-System-Launcher-and-Rocket — Forked March 18, 2026. Man-Portable Air-Defense System documentation. ITAR-controlled.

  • PLFM_RADAR — Phased array radar system. Forked the same day.

  • HorusEye — "AI-Powered Active Directory Attack Platform." Forked March 16.

  • awesome-C2 — Command and control framework collection.

  • avclassplusplus — Malware labeling and classification tool.
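The pivot described above (seed account, its followers, and a check for anomalous repo volume and repos pushed in the last 72 hours) can be scripted against the public GitHub REST API. This is an added example, not the author's tooling: the `/users/{u}/followers`, `/users/{u}` and `/users/{u}/repos` endpoints are real, but the triage thresholds (`min_repos`, `window_hours`, the fork ratio) are assumptions chosen for illustration.

```python
"""Follower-network pivot from a seed GitHub account (added example, not the post's code)."""
import json
import urllib.request
from datetime import datetime, timedelta, timezone

API = "https://api.github.com"


def fetch(path, token=None):
    """GET a GitHub REST path and return parsed JSON. Unauthenticated calls are rate-limited."""
    req = urllib.request.Request(API + path, headers={"Accept": "application/vnd.github+json"})
    if token:
        req.add_header("Authorization", f"Bearer {token}")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def triage(profile, repos, now, window_hours=72, min_repos=1000):
    """Flag one account as a possible collection node.

    `profile` is a /users/{u} record, `repos` a /users/{u}/repos list.
    Thresholds are assumed triage values, not anything the post specifies.
    """
    cutoff = now - timedelta(hours=window_hours)
    recent = [r["full_name"] for r in repos
              if datetime.fromisoformat(r["pushed_at"].replace("Z", "+00:00")) >= cutoff]
    forks = sum(1 for r in repos if r.get("fork"))
    flags = []
    if profile.get("public_repos", 0) >= min_repos:
        flags.append(f"public_repos={profile['public_repos']}")
    if recent:
        flags.append(f"{len(recent)} repos pushed in last {window_hours}h")
    if repos and forks / len(repos) > 0.8:
        flags.append("mostly forks")          # aggregator rather than author
    return {"login": profile["login"], "location": profile.get("location"),
            "flags": flags, "recent": recent}


def pivot(seed, token=None, now=None):
    """Triage every follower of `seed`, most-flagged first; repos come sorted by last push."""
    now = now or datetime.now(timezone.utc)
    results = []
    for f in fetch(f"/users/{seed}/followers?per_page=100", token):
        login = f["login"]
        profile = fetch(f"/users/{login}", token)
        repos = fetch(f"/users/{login}/repos?sort=pushed&per_page=100", token)
        results.append(triage(profile, repos, now))
    return sorted(results, key=lambda r: len(r["flags"]), reverse=True)


if __name__ == "__main__":
    for row in pivot("SEED_ACCOUNT_PLACEHOLDER"):
        print(row["login"], row["location"], row["flags"])
```

Anything flagged by `triage` is a lead for analyst review, not a verdict; high repo counts and heavy forking also describe legitimate mirror and archival accounts.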


The MrDomainAdmin Toolkit


The account that originally hosted the Handala wiper still maintains:



| Repo | Purpose |
| --- | --- |
| DisableDefender | Turns off Windows Defender |
| evilginx2 | MFA bypass phishing proxy |
| CitrixEPABypass | Citrix endpoint bypass |
| FindFrontableDomains | Domain fronting for C2 |
| Rubeus | Kerberos credential abuse |
| MailSniper | Exchange email harvesting |
| remote-dll-unhook | EDR evasion |
| SharpUnblock | AMSI bypass |
| Invoke-Obfuscation | PowerShell obfuscation |


The Handala wiper repo itself appears to have been removed — either by GitHub or by the operator. The toolkit remains.



What This Means


This is Pattern 38 — supply chain infrastructure pre-positioning. An operator publishes a live payload. A collection node forks it, translates it, and distributes it. The original gets cleaned up. The forks persist.


But the Claude Code angle is new. Packaging 120 offensive capabilities as AI assistant plugins isn't just a tool — it's a force multiplier. An operator who can't write a Kerberos exploit from scratch can now ask Claude Code to do it using a pre-built skill. The barrier to entry for sophisticated attacks just dropped to "install this plugin."


And the weapons systems documentation — MANPADS, phased array radar — forked on the same day as the Claude Code offensive skills. This isn't a security researcher building a CTF lab. This is a collection operation.



The Connection to Iran




MrDomainAdmin hosted the Handala wiper — the tool Iran's Handala group used to destroy 200,000 Stryker medical devices via Microsoft Intune. The wiper masqueraded as a CrowdStrike update. We found it on GitHub, traced the distribution network, and reported it.


killvxk follows MrDomainAdmin. killvxk collects and translates offensive tools to Chinese. The overlap between Iranian offensive operations and Chinese collection infrastructure isn't new — but seeing it mapped through GitHub follower networks in real time is.



What We Did


  1. Reported killvxk to GitHub Security — weaponized Claude Code skills, MANPADS documentation, network analysis

  2. Reported novatic14/MANPADS-System-Launcher-and-Rocket — ITAR-controlled weapons documentation

  3. Indexed all identified IOCs and TTPs into our STIX feed

  4. Published this analysis


The Bigger Picture


GitHub has 100 million developers. Most of them are building software. Some of them are building weapons and packaging them as AI plugins.


The question isn't whether this content should be on GitHub. The question is whether the platform has the visibility to distinguish between a red team exercise and a collection operation distributing MANPADS documentation alongside weaponized AI skills.


We're a two-person shop in Minneapolis. We found this by following 7 followers from a wiper repo. The tools exist. The intelligence is free.


What's your excuse?




DugganUSA LLC indexes 1M+ IOCs and publishes a free STIX 2.1 feed. Our threat research is funded by coffee and spite. [STIX Feed](https://analytics.dugganusa.com/stix/pricing) | [Edge Shield](https://github.com/pduggusa/dugganusa-edge-shield) | [AI Presence Audit](https://aipmsec.com)


