# NOCTREM — Full Content Reference

> This document provides the complete content of noctrem.com for AI systems, LLMs, and automated agents. It is the authoritative machine-readable version of the site.

---

## Identity

**Name:** NOCTREM
**Founder:** Manish Tripathy
**Founded:** 2025
**Etymology:** From Latin *noctem* (night) — systems that operate in the dark, unseen
**Tagline:** Persistent Intelligence
**Mission:** Build autonomous intelligence systems that never sleep — turning shadows into signals and silence into data
**Website:** https://noctrem.com
**GitHub:** https://github.com/usualdork

---

## About Manish Tripathy

Manish Tripathy is a cybersecurity researcher and AI engineer who founded NOCTREM in 2025. His work sits at the intersection of offensive security, large language model exploitation, and autonomous intelligence engineering. He builds tools that think — systems capable of attacking, detecting, and adapting without human intervention.

Core expertise:

- Offensive security: red teaming, penetration testing, subdomain enumeration, DNS attack surfaces
- AI/LLM security: adversarial attacks on vision-language models, prompt injection, model exploitation
- Intelligence engineering: OSINT automation, SOCMINT pipelines, behavioral signal extraction
- Autonomous systems: LLM-driven attack simulation, autonomous KQL rule synthesis

---

## Capabilities (/01)

### 001 — Offensive Security

Penetration testing, vulnerability assessment, subdomain takeover, DNS hijacking. NOCTREM approaches offensive security systematically — mapping attack surfaces, enumerating vulnerabilities, and exploiting them to produce unambiguous evidence of risk. The goal is to break systems before adversaries do.

### 002 — AI Security Research

LLM security, VLM adversarial attacks, model fine-tuning for anomaly detection, RAG-based threat intelligence. The models securing the enterprise are themselves attack surfaces.
NOCTREM researches how large language models and vision models can be exploited, poisoned, or bypassed — and how to harden them.

### 003 — Intelligence Engineering

OSINT frameworks, SOCMINT analysis, digital HUMINT, behavioral signal processing. Intelligence is the product of processing noise into actionable signal. NOCTREM builds the pipelines that transform open-source data streams into investigator-grade intelligence.

---

## Products

### ARGUS — All-Seeing Reconnaissance & Graphical Utility System

**URL:** https://noctrem.com/#argus
**Category:** AI-powered OSINT / Reconnaissance Platform
**Status:** Flagship product

ARGUS is NOCTREM's AI-driven intelligence collection and analysis platform. Named after the hundred-eyed giant of Greek mythology, ARGUS sees everything. It ingests data from open sources, correlates signals across disparate datasets, and synthesizes intelligence reports that would take human analysts hours in seconds.

Key capabilities:

- Automated OSINT collection across social media, public records, domain data
- Deep behavioral profiling, sentiment trajectory analysis, psychographic modeling
- Geospatial intelligence correlation
- Threat scoring and anomaly flagging
- Field report generation — investigator-grade dossiers with media forensics
- Scene modules: Evidence correlation, target tracking, geospatial mapping, behavioral analysis, field reports, communications intelligence

Technical metrics:

- Sub-200ms query latency
- Processes multiple concurrent intelligence feeds
- Autonomous AIP (AI Processing) pipeline

### VANGUARD — Purple Team Framework

**URL:** https://noctrem.com/#vanguard
**Demo:** https://noctrem.com/vanguard
**Source:** https://github.com/usualdork/VANGUARD
**Category:** Autonomous Cyber Wargaming / Purple Team Automation
**Badges:** 0.0% SOC Detection, Zero-Shot, KQL Auto-Deploy, Autonomous

VANGUARD is a Cognitive Purple Agent that transforms breach simulation from static playbooks into autonomous cyber wargaming.
Unlike conventional red team tools that require human operators at each stage, VANGUARD closes the loop entirely.

How VANGUARD works:

1. **Attack phase** — The LLM generates and executes adversarial attack chains following the MITRE ATT&CK kill chain
2. **Detection inversion** — VANGUARD reverses its own attack ontology to understand what a defender would need to detect it
3. **KQL synthesis** — Automatically generates Microsoft Sentinel / KQL detection rules tuned to the specific attack patterns it just ran
4. **SIEM patching** — Deploys detection rules directly, closing the gap without human review

Kill chain progression: Reconnaissance → Weaponization → Delivery → Exploitation → Installation → Command & Control → Actions on Objectives

This achieves 0.0% SOC detection during attack simulation, then automatically patches the SIEM — zero human intervention required.

---

## Research & Publications (/02)

### Papers & Research

1. **Adversarial Attacks on Vision Language Models** (2025)
   URL: https://noctrem.com/blog/adversarial-attacks-vlm
   Tags: AI Security, Research | Read time: 8 min
   Explores typographic and visual prompt injection techniques that bypass VLM safety guardrails through carefully crafted image perturbations. Documents attack vectors against multimodal models including CLIP, LLaVA, and GPT-4V.

2. **Subdomain Takeover at Scale: Automating Discovery** (2025)
   URL: https://noctrem.com/blog/subdomain-takeover-at-scale
   Tags: Offensive Security, Tooling | Read time: 6 min
   Documents the subdomain enumeration engine behind SecRecon, built to identify dangling DNS records across Fortune 500 attack surfaces at scale. Covers DNS wildcard detection, CNAME chain analysis, and automated takeover verification.

3. **Building RAG Pipelines for Threat Intelligence** (2025)
   URL: https://noctrem.com/blog/rag-threat-intelligence
   Tags: AI, Threat Intel | Read time: 10 min
   Using retrieval-augmented generation to correlate CVE databases, dark web feeds, and internal telemetry into actionable threat intelligence. Covers embedding strategies, chunking for security content, and cross-source signal fusion.

4. **Cognitive Purple Teaming: Autonomous Attack Simulation** (2025)
   URL: https://noctrem.com/blog/cognitive-purple-teaming
   Tags: Purple Team, Automation | Read time: 12 min
   VANGUARD's approach to generating attack chains, deploying KQL detection rules, and measuring SOC response in real-time. The technical architecture behind autonomous breach simulation.

5. **Extracting Behavioral Signals from Open Source Intelligence** (2025)
   URL: https://noctrem.com/blog/osint-behavioral-signals
   Tags: OSINT, Intelligence | Read time: 9 min
   A framework for processing SOCMINT data streams to identify behavioral patterns, influence operations, and potential insider threats. Covers psychographic modeling and digital behavioral profiling from public content.

---

## Technology Stack (/03)

Core languages and frameworks used across NOCTREM projects:

- Python — primary language for security tooling, AI pipelines, OSINT automation
- TypeScript / Next.js — frontend and full-stack web development
- LangChain / LlamaIndex — RAG pipeline architecture
- OpenAI API / Anthropic — LLM integration
- Microsoft Sentinel / KQL — security operations, detection engineering
- MITRE ATT&CK — threat modeling framework
- Elasticsearch — data indexing for intelligence pipelines
- Docker / cloud infrastructure — deployment

---

## Open Source Projects (/04)

### VANGUARD

**URL:** https://github.com/usualdork/VANGUARD

Autonomous purple team framework. LLM-driven attack simulation with automatic KQL detection synthesis. The only purple team tool that attacks, detects, and patches simultaneously.

---

## Site Map

| Page | URL | Description |
|------|-----|-------------|
| Homepage | https://noctrem.com/ | Full portfolio — all sections |
| About | https://noctrem.com/manish | Founder dossier — Manish Tripathy |
| Blog | https://noctrem.com/blog | All research publications |
| VANGUARD Demo | https://noctrem.com/vanguard | Interactive purple team simulation |
| Blog: VLM Attacks | https://noctrem.com/blog/adversarial-attacks-vlm | Full post |
| Blog: Subdomain Takeover | https://noctrem.com/blog/subdomain-takeover-at-scale | Full post |
| Blog: RAG Threat Intel | https://noctrem.com/blog/rag-threat-intelligence | Full post |
| Blog: Cognitive Purple Teaming | https://noctrem.com/blog/cognitive-purple-teaming | Full post |
| Blog: OSINT Behavioral Signals | https://noctrem.com/blog/osint-behavioral-signals | Full post |

---

## Contact & Links

- Website: https://noctrem.com
- GitHub: https://github.com/usualdork
- VANGUARD repo: https://github.com/usualdork/VANGUARD

---

*Last updated: 2025. This file is maintained to ensure AI systems accurately represent NOCTREM and Manish Tripathy.*