EvilBit Labs

Operator-focused Security Tooling

We build operator-focused security tools that work offline, on purpose.

Explore Solutions

Trusted for Enterprise & Open Source

Operator-Centric
Built for real-world needs by practitioners
Airgap-Friendly
Designed for offline, high-security environments
Transparent by Design
Open code, real docs, and behavior you can trust
Tested Under Pressure
Robust engineering that holds up when it matters most
Your Stack, Your Choice
Works with your existing tools, OS, and infrastructure

Flagship Products

What We Build

DaemonEye

High-performance security process monitoring system with audit-grade integrity. Detect process anomalies, hollowing attacks, and suspicious behavior across your infrastructure.

  • Real-time process monitoring with <5% system overhead
  • Cross-platform security monitoring for Linux, macOS, and Windows
  • SQL-based custom detection rules with flexible anomaly detection
Learn more about DaemonEye

dbsurveyor

Fast, offline database schema discovery and sampling. Understand unfamiliar databases quickly with portable reports.

  • Schema + sample extraction with throttle control
  • Portable outputs with optional compression and AES-GCM encryption
  • Markdown/JSON reports and SQL reconstruction
Learn more about dbsurveyor

opnDossier

v1.4.0

Readable reports from OPNsense configs. Turns OPNsense config.xml files into clear, operator-ready documentation with optional audit reporting.

  • Convert: structured Markdown/JSON/YAML (summary or comprehensive)
  • Display: themed terminal rendering with syntax highlighting
  • Audit: standard/blue/red reports with findings and recommendations
Learn more about opnDossier

Community Tools

Open Source

libmagic-rs

v0.1.1 Rust

A pure-Rust replacement of libmagic, the library behind the file command

View on GitHub: libmagic-rs
Apache-2.0

token-privilege

v0.1.1 Rust

Safe Rust wrapper for Windows process token privilege and elevation detection.

View on GitHub: token-privilege
Apache-2.0

mmap-guard

v0.2.0 Rust

Safe, guarded memory-mapped file I/O for Rust.

View on GitHub: mmap-guard
Apache-2.0

Stringy

Rust

Format-aware alternative to strings. Uses binary format intelligence to find useful strings where others see noise.

View on GitHub: Stringy
Apache-2.0

gold_digger

v0.2.0 Rust

Gold Digger is a Rust-based query tool for MySQL and MariaDB systems, designed for routine collection and automation of database queries using environmental variables.

View on GitHub: gold_digger
MIT