projects
We build tools that make security research faster, cleaner, and more repeatable. These are our contributions to the community — from PoC exploits to tradecraft utilities.
Active Projects
| Project | Description | Status |
|---|---|---|
| f3ds Hugo blog | Minimal, fast static site for security research | Active |
| f3ds/mirc-exploit-framework | Legacy mIRC scripting framework for IRC-based C2 comms and exploit delivery | Active |
| f3ds/ghost-logger | Lightweight Linux userland logger for persistence research and red team ops | Active |
| f3ds/anon-relay | Privacy-focused relay tool for anonymous communications | Active |
| Detection rules | Sigma/YARA rules for common threats | Active |
| f3ds/cve-weapons | Curated PoC collection with full analysis and mitigations | Active |
Tool Categories
Red Team Tradecraft
Our offensive tooling focuses on operational security, clean tradecraft, and reliable execution:
- mirc-exploit-framework: Classic IRC-based command and control. Uses mIRC’s scripting capabilities for stealthy C2 channels. Supports payload delivery, file exfiltration, and automated recon scripts.
- ghost-logger: User-space logging daemon designed for Linux persistence research. Captures TTY input, process execution, and network connections without rootkit-level modifications.
- cve-weapons: Responsible PoC collection. Each exploit includes detailed analysis, scope boundaries, and defensive mitigations.
Defensive Tools
Blue team utilities for detection, response, and hardening:
- Detection rules: Sigma rules and YARA signatures for emerging threats. Tested against real-world datasets and continuously updated.
- anon-relay: Privacy utility for secure, anonymous traffic routing. Useful for defensive research and privacy-conscious operations.
Research Scratchpad
Experimental code and work-in-progress tools:
- Blog write-ups with accompanying PoC code
- Detection patterns and forensic techniques
- Post-mortems from our research sessions
Archived Work
Older projects and experiments that are to be upgraded and may see future updates:
- Legacy Perl scripts from early-2000s research
- Proof-of-concept malware analysis tools
- Deprecated detection patterns
All tools are released for educational and defensive purposes. We advocate responsible disclosure and defensive research.