About EvilBit Labs

EvilBit Labs is a small independent lab focused on creating polished, operator-first security tools for red and blue teams. Our background is in large-scale detection engineering and vulnerability analysis, much of it in restricted and airgapped environments where most SaaS tools fail.

We build software that is local-first, offline-capable, and privacy-respecting. Designed to support security practitioners with clean outputs, minimal overhead, and full operator control. No tracking, no phoning home, just trustworthy binaries you can actually use in constrained environments.

Sponsorship helps us keep building and refining these tools in our limited free time. We're not chasing scale or subscriptions; we're quietly forging utilities that security professionals can rely on.

Featured Projects

DaemonEye

Security-focused process monitoring in Rust. A privileged daemon, orchestration agent, and CLI for teams who need reliable visibility into system behavior without trusting opaque vendor code. Zero unsafe code, strict linting, comprehensive tests.

opnDossier

Configuration intelligence for OPNsense firewalls. Transforms XML configs into security reports, detects dead rules and misconfigurations, exports to Markdown/JSON/YAML. Works completely offline for airgapped networks.

Stringy

A smarter strings command. Format-aware extraction from ELF, PE, and Mach-O binaries with semantic tagging (URLs, IPs, registry keys, crypto constants). Built for analysts who are tired of sifting through noise.

libmagic-rs

Pure-Rust reimplementation of libmagic for file type identification. Memory-safe alternative to the C library powering the file command. 17,000+ lines, 650+ tests, zero unsafe code.

We also maintain database collection tools (dbsurveyor, gold_digger) and other utilities. Explore all projects on GitHub.

Why Sponsor?

These projects share a common thread: security tools built with security-first engineering. Memory-safe languages, offline operation, no telemetry. Your support helps us maintain and expand tools that practitioners can actually trust in sensitive environments.