Projects

A small set of composable tools for malware analysis. stng extracts strings from binaries; cleave decomposes binaries and source into capabilities mapped to ATT&CK and MBC; litmus runs local AI-based detection against that output, with models improved through cyclotron, Atomdrift's live training loop.

• litmus beta
  ClamAV-style local scanner for AI-based malware detection. Runs open models like azoth against capabilities extracted by cleave.
  Details Source Issues
• azoth COMING SOON
  The first open-source AI model for general malware detection. Trained on cleave-extracted capabilities across 20+ languages and six binary formats.
  Details
• cleave stable
  AST-aware software decomposition engine for supply-chain security. Detects capabilities and behaviors across 20+ languages and six binary formats in a single pass.
  Details Source Issues
• stng stable
  Modern string extraction for binary analysis — all of the good stuff, none of the garbage. Useful for triage, C2 enumeration, credential extraction, and YARA signature development.
  Details Source Issues
• xgboost-ars stable
  Pure Rust XGBoost inference with exact TreeSHAP. No ONNX, no C++ runtime — runs anywhere Rust does.
  Details Source
• c.diff planning phase
  Context-driven molecular drift detection. Tracks how code atoms shift across versions and dependencies.