Evil Technologies mascot: scientist with robotic assistant
Evil Technologies
Applied Security & Intelligent Automation

Security research • automation • reporting

Practical cybersecurity that improves real-world defense.

We build ethical security tooling, conduct applied research, and deliver clear, reproducible results—so teams can reduce risk with confidence.

View capabilities See research work
Authorized testing only
Reproducible methodology
Defensive outcomes
GIR LAB: Authorized only Scoped testing Defensive outcomes

Capabilities

Services are designed for teams that want defensible findings, repeatable processes, and outcomes that translate directly into fixes.

Security Research

Controlled vulnerability research with clear impact analysis, reproduction steps, and remediation guidance aligned to real engineering workflows.

  • Vulnerability discovery & validation
  • Threat modeling & attack surface review
  • Responsible disclosure support

Automation & Tooling

Purpose-built tooling that improves signal-to-noise, speeds up triage, and standardizes reporting—without sacrificing safety or oversight.

  • Scan orchestration & pipelines
  • AI-assisted analysis (human-gated)
  • Reporting templates & evidence capture

Knowledge Transfer

Practical training and documentation that helps teams adopt stronger habits, repeatable labs, and operationally useful security workflows.

  • Hands-on labs & learning environments
  • Playbooks and runbooks
  • Developer-ready remediation notes

Method & ethics

We prioritize authorization, transparency, and defensive outcomes. Work is scoped, reproducible, and aligned to responsible disclosure principles.

How we work

  1. Scope & authorization: confirm targets, rules, and constraints.
  2. Controlled research: validate issues with minimal risk.
  3. Evidence capture: logs, repro steps, and impact analysis.
  4. Actionable reporting: fixes, prioritization, and next steps.

What you can expect

  • Clear severity reasoning (not just scores)
  • Repro steps that engineers can run
  • Minimal-disruption validation
  • Optional “human-in-the-loop” approvals for automation

Note: We operate exclusively in authorized and controlled environments.

Projects & research

Selected internal work focused on improving defensive insight, triage quality, and reporting fidelity.

View all projects →

Research platform

Project G.I.R.

An internal research platform exploring AI-assisted orchestration for vulnerability triage, signal correlation, and report generation in controlled lab environments.

  • Scanner orchestration & scheduling
  • Human-gated automation for safety
  • Structured findings, templates, and evidence capture

Public demos are limited to authorized lab targets (e.g., intentionally vulnerable apps).

Learning environment

Security Lab Tooling

Reproducible lab environments and training workflows designed to teach defensive thinking: what happened, why it matters, and how to fix it.

  • Challenge mapping & normalized findings
  • Repeatable runbooks
  • Clear “why/what/how” documentation
Local-first GM

Project GUTTER

An offline-first Shadowrun GM system powered by local LLM inference (Ollama), focused on street-level narration and consequence tracking. Dice results are treated as authoritative player input; campaign memory persists as structured JSON.

  • Rules-aware narration (no dice rolling)
  • Persistent campaign memory (JSON)
  • Character-aware assistance with agency boundaries

Read the project page →

Contact

Want to collaborate, request a demo in a controlled lab environment, or discuss a scoped engagement? Send a note below—messages go directly to our inbox via Netlify Forms.

Capabilities Projects

We respond as fast as possible. If your message involves testing, include scope + authorization details.

No unsolicited scanning. Authorized scope only.