Announcing UniCon

UniCon, our very own Unicorn Conference, is a free conference for security researchers, developers, red teamers, blue teamers, and purple teamers taking place on August 20! We will have two excellent keynotes from Olaf Hartong and John Strand, the release of the SCYTHE Marketplace with custom modules, introduction and AMA with our platform engineers to ask all the technical questions about C2 and synthetic malware, lighting talks with researchers and module developers, great talks, and a brand new CTF. Of course we will have lots of swag for everyone so save the date and register now for UniCon!

Marketplace Technical Launch

With the release of SCYTHE 3.0, the new SDK, and module developers creating custom modules for SCYTHE, we are ready for the technical launch of the Marketplace! We have many researchers and developers working on modules as you read this. Development is open to everyone and we are looking forward to the modules that are in progress.


Become a Unicorn by creating your own SCYTHE modules that emulate adversary behavior and TTPs. The SCYTHE SDK is free and available for anyone to download. At UniCon, you will learn more from security researchers and engineers about module creation so you can create your own custom behaviors and TTPs targeting Windows, Linux, and macOS. 

Capture the Flag

We have a brand new CTF that will debut. This one is for the entire Purple Team, whether you are Red Team, Security Operations Analyst, Hunt Teamer, or Digital Forensics and Incident Responder. We all need to know what our payloads do before deploying them in an environment. We will create various synthetic malware and you will need to tell us what they do! 


We’ve detected malicious activity on an endpoint after a recruiter downloaded a resume.doc which executed some sort of malware. We were able to take that endpoint offline before it could do any major damage (we think), but we’d like you to investigate what exactly the executable does. This CTF will be 3 levels and require you to run 3 different pieces of synthetic malware and analyze what it does. Level 1 and 2 are question/answer format while level 3 asks you to go way deeper. More details coming soon!


  • Stickers for everyone that registers for the CTF
  • Shirt for everyone that gets past level 2
  • Hoodie for all that submit a write up and blog post
  • Technical Write Up, Creative Write Up, and a Random Write Up will all get an extra cool prize. Trust us, we have the best swag.


SCYTHE provides an advanced attack emulation platform for the enterprise and cybersecurity consulting market. The SCYTHE platform enables Red, Blue, and Purple teams to build and emulate real-world adversarial campaigns in a matter of minutes. Customers are in turn enabled to validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions. Based in Arlington, VA, the company is privately held and is funded by Gula Tech Adventures, Paladin Capital, Evolution Equity, and private industry investors. For more information email, visit, or follow on Twitter @scythe_io.