top of page
BruCON-2022-102 (1).png

Vibe Off, Spec On — Building Real Offensive Tools with Claude Code

3-day in-person

Most "AI for hackers" courses are closed-lab cosplay — a curated exercise on rails wrapped around prompt screenshots, the same pre-made tool every time. This is the opposite. On Day 1 morning the class "votes on a real tool" to build over the next three days, writes a real PRD with Claude in the room, and ships it by Day 3.


Nobody — instructor included — knows what we'll land on. Likely, different students will ship very different tools. That is the point.


At the end, the student will Claude Code guru.

Two parallel tracks every session: a method track (Claude Code internals, custom skills, subagents, hooks, MCP authoring, eval harnesses, deployment, code review, distribution) and a live build track on the chosen tool. Spec-driven with OpenSpec. No vibe coding. No premade labs. No "build me a million-dollar app" prompts.


Built on two years of personal R&D — including FOIL (https://foil.peachstudio.be), a security code scanner built largely with Claude that surfaced multiple ~22-year-old zero-days — and reframed against Anthropic's Mythos Preview (Project Glasswing). It's a very complex implementation, using GPU inference libs, it gives the idea of the Claude Code potential

Course Overview


Every session has two tracks running in parallel: a method/tool track (formal training) and a real-life build track on the class-voted tool (live driven by the instructor).


Day 1 — Tool, environment, and what we're building

**S1 · Meet your new best friend (or girlfriend, considering the cost) — Claude Code 101 for offensive engineers.**

  • Anatomy of the loop: tools, plan mode, sub-agents, MCP at a glance

  • Settings hierarchy, permissions, context window economics

  • Where Claude shines, where it lies, what the bill actually looks like at the end of a real R&D week


**S2 · Make new Claude Code gurus — the full power-user toolkit.**

The deep-dive section. By the end of S2 a student can install, customize, extend, and **distribute** Claude Code as a hardened personal toolkit:

  • `CLAUDE.md` hierarchy (project / user / nested) and context augmentation done right

  • **Custom skills** — authoring, packaging, distributing

  • **Subagents** — Explore, Plan, security-reviewer, case study: the opensourced threat profiler skills (available on the Claude Skills Marketplace of PeachStudio)

  • **Hooks** — `UserPromptSubmit`, `PreToolUse`, `Stop`, `SessionStart`; using hooks as guardrails on offensive tooling

  • **Custom slash commands**

  • **MCP servers** — consuming and **authoring your own**

  • Output styles, statuslines, keybindings

  • Background tasks, scheduled agents, plan mode, worktrees

  • The plugins ecosystem — install, audit, ship your own


**S3 · Vibe? No thanks.**

  • Why offensive tooling **must not** be vibe-coded

  • Spec-driven development with **OpenSpec**: from idea to PRD to architecture to code

  • Patterns that survive when the agent goes sideways


**Cross-cutting (Day 1):** the class polls and votes on the tool to build over the next three days. PRD drafted live with Claude, human in the loop. Repo bootstrapped end of day.


### Day 2 — Build, test, integrate

**S4 · Testing harness for non-deterministic systems.**

  • TDD with Claude Code on real code

  • Eval-driven testing for agentic sub-components

  • Golden tests, regression tests

  • Documentation and memory management


**S5 · Deploy and integrate.**

  • SaaS deployment patterns for offensive tooling

  • **MCP** for live-environment interaction

  • Dev inside containers, sandboxing, blast-radius control

  • Thinking smart, simplify your life


**Cross-cutting (Day 2):** the voted tool advances — PRD → architecture → implementation → first integration tests.


### Day 3 — Distribute, secure, survive

**S6 · Distribute your work.**

  • Packaging and releasing offensive tooling safely, let's containerise it

  • Plugins, SDK, internal-only distribution patterns


**S7 · Local LLM with Claude (brief).**

  • When sensitive ops can't leave the host

  • HuggingFace, how to choose a model that works, maybe, in Claude

  • Use of the opensource project claude-code-local (peachstudio)

  • Local-model trade-offs, hybrid setups, when to stay on Claude


**S8 · Secure your code, code review with Claude — before and after the Mythos era.**

  • Claude-driven code review workflows

  • What the Anthropic **Mythos Preview** (Project Glasswing, 2026-04-07) changed: autonomous zero-day discovery against OpenBSD (27-year-old TCP SACK bug)

  • Finding vulnerabilities with Foil (community edition), triage with Claude, ohh yes what a sweetspot: How I found a 22y old vuln on a popular bootloader/embedded firmware. CVE in attribution at the time of writing so, cannot disclose more.

  • What Mythos means for the tooling *we* just built — both as defenders and as offensive engineers


**Cross-cutting close (Day 3):** ship and demo the class-built tool. Retrospective on what worked, where Claude failed, what the audience would do differently and finally Beers to celebrate.


## What students will take home

  • Battle-tested Claude Code workflows for offensive R&D

  • The full power-user toolkit: custom **skills**, **subagents**, **hooks**, **slash commands**, **MCP servers**, plugins, output styles — authored and distributed, not just consumed

  • Spec-driven discipline (**OpenSpec**) that prevents catastrophic vibe-coding in security tooling

  • An eval/test harness pattern for agentic and non-deterministic components

  • MCP integration patterns for real, live environments

  • A real, working tool the cohort designed and shipped together — optionally open-sourced

  • The trainer's two years of accumulated tweaks, dead-ends, and secrets — including the workflow behind **FOIL** (https://foil.peachstudio.be)

Target Audience


Developers, security researchers, and tool authors who want to stop watching demos and start shipping.


You don't need to be a hacker — you need to want to build.



Pre-requisites


  • Comfortable with shell, git, and either Python or TypeScript

  • Working knowledge of offensive security fundamentals

  • Laptop with **Docker** installed

  • Active **Claude Code** account (Pro/Max or API). A budget guidance note is sent two weeks before the training so nobody hits a credit ceiling on Day 2


All exercises run on each student's own laptop. There is no shared lab infrastructure — by design.


## Special equipment / licensing requirements

  • Student-side: laptop, Docker, Claude Code account (own subscription or API key with budget)

  • No room-side requirements beyond standard projector + whiteboard

  • All software used in the training is either open-source, free-tier, or covered by the student's own Claude Code subscription


Tainer Bio


Vito Rallo is a cybersecurity expert and product builder. Founder of Peach Studio (Brussels), an AI product studio at the intersection of security and generative systems. With 25+ years in technology and 18+ in cybersecurity, Vito previously led Red Team global units at Kroll and PwC and started his career as an ethical hacker on the IBM X-Force team. He co-founded Crimson7 in Brussels.


Today he works as Consult Partner for Cybersecurity in Kyndryl and free time he focuses on hands-on AI-assisted offensive R&D with Claude Code — including FOIL, a tool he developed largely with Claude that surfaced multiple ~22-year-old zero-days — and on training the next generation of practitioners to build, ship, and secure their own offensive tooling.


Vito is actively involved in cybersecurity research and innovation, and enjoys delivering keynotes and talks to security conferences.



bottom of page