SCYTHE 3.0 is here!

The SCYTHE team has been busy working on version 3.0, our latest release. This release brings major improvements, including support for in-memory third-party Python Modules built using the SCYTHE Software Development Kit (SDK), and will lead up to the launch of the SCYTHE Marketplace.

What’s new in 3.0?

  • Threat Automation Language enhancements
  • Virtual File System
  • SCYTHE Modules written in Python 
  • Support for the SCYTHE Marketplace

Threat Automation Language Enhancements

SCYTHE's Threat Automation Language is getting a massive upgrade in 3.0, including the ability to use the results of one action as input to a subsequent action and assigning constant values to symbols, which can be used over and over in your Campaigns!

Virtual File System

SCYTHE 3.0 brings a central location for operators to upload and deploy files to endpoints within the SCYTHE user interface. Complete with full navigation and permissions, the Virtual File System allows operators to collaborate and deliver custom files without having to retrieve files from arbitrary network locations residing outside of SCYTHE.

SCYTHE Python Modules

SCYTHE 3.0 offers a runtime built on top of an in-memory CPython interpreter. Module developers no longer need to write native modules. Instead, module developers can write modules entirely in Python. These modules and the runtime run entirely in-memory without touching the disk. The SCYTHE Software Development Kit gives developers a seamless module creation and validation experience. Early access to the Python features in the SDK has been provided to a number of security researchers in the industry to have modules available in the Marketplace for the launch on July 31, 2020. If you are interested in the Python features in the SDK, let us know!

Support for SCYTHE Marketplace

SCYTHE 3.0 supports installation of Modules from the SCYTHE Marketplace. You can purchase, download, and install new capabilities for your SCYTHE platform from the Marketplace. SCYTHE brought together an Advisory Council: Chloé Messdaghi, John Strand, Sounil Yu, Tim MalcomVetter, and TJ O’Connor. The SCYTHE Marketplace provides a place to develop and share innovative capabilities. 

Now is the Time to Test Drive SCYTHE!

Whether you are trying to validate your defenses, test a new endpoint protection product, or streamline your team’s workflow, now is the perfect time to give SCYTHE a try! Reach out to us for more information today.


SCYTHE provides an advanced attack emulation platform for the enterprise and cybersecurity consulting market. The SCYTHE platform enables Red, Blue, and Purple teams to build and emulate real-world adversarial campaigns in a matter of minutes. Customers are in turn enabled to validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions. Based in Arlington, VA, the company is privately held and is funded by Gula Tech Adventures, Paladin Capital, Evolution Equity, and private industry investors. For more information email, visit, or follow on Twitter @scythe_io.