Operator-focused Security Tooling

EvilBit Labs

We build operator-focused security tools that work offline, on purpose. Welcome to EvilBit Labs.

Trusted for Enterprise & Open Source

  • Operator-Centric: Built for real-world needs by practitioners
  • Airgap-Friendly: Designed for offline, high-security environments
  • Transparent by Design: Open code, real docs, and behavior you can trust
  • Tested Under Pressure: Robust engineering that holds up when it matters most
  • Your Stack, Your Choice: Works with your existing tools, OS, and infrastructure

Products & Tools

Our Solutions

DaemonEye

Open Source

High-performance security process monitoring system with audit-grade integrity. Detect process anomalies, hollowing attacks, and suspicious behavior across your infrastructure.

  • Real-time process monitoring with <5% system overhead
  • Cross-platform security monitoring for Linux, macOS, and Windows
  • SQL-based custom detection rules with flexible anomaly detection

dbsurveyor

Open Source

Fast, offline database schema discovery and sampling. Understand unfamiliar databases quickly with portable reports.

  • Schema + sample extraction with throttle control
  • Portable outputs with optional compression and AES-GCM encryption
  • Markdown/JSON reports and SQL reconstruction

Gold Digger

Open Source

Rust CLI for MySQL/MariaDB query execution and structured data export. Designed for operators who need reliable, reproducible data extraction.

  • MySQL/MariaDB support with secure TLS connections
  • Structured outputs: CSV, JSON, TSV with deterministic formatting
  • Built for automation (cron, CI/CD) and offline-first environments

opnDossier

Open Source

Readable reports from OPNsense configs. Turns OPNsense config.xml files into clear, operator-ready documentation with optional audit reporting.

  • Convert: structured Markdown/JSON/YAML (summary or comprehensive)
  • Display: themed terminal rendering with syntax highlighting
  • Audit: standard/blue/red reports with findings and recommendations

Custom R&D

Enterprise

Tailored cybersecurity research and development for unique organizational challenges.

  • Custom solutions
  • Expert consultation
  • Proof of concept

Detection Toolkit

Enterprise

Offline detection rule testing that actually runs in labs. Validate Sigma and more with deterministic test workflows.

  • Declarative test definitions (YAML/JSON) executed by an orchestrator
  • Sigma + JSONL MVP with pass/fail assertions and checksums
  • Structured outputs (JSON/Markdown/JUnit) for audits and CI
Open Source