Open research & shared engineering
Labs is where we publish work that sits outside contracts—still substantive: threat models sketched early, measurement runs, reproducible configs, tooling we're willing to iterate in public. None of it is priced or warranted like an engagement; it's transparent R&D. For scoped professional work, we route you to paranoai.ai.
Ground rules
- Not billable artifacts
- Repos and posts aren't quotations. Commercial terms stay on paranoai.ai.
- WIP beside polished
- Early builds and invalidated paths can sit next to fuller write-ups—we publish the trajectory, not just the highlight reel.
- Responsible handling
- Embargoes and safe disclosure habits still apply—lab doesn't mean "free-fire on prod."
Research & Guides
Live pages from ongoing research — tools, landscapes, and guides.
- Landscape
AI Sec Certs Landscape
Registry of AI Security certifications: OffSec, DefSec, Governance. Career tracks, combo packs, and role mapping.
- Leaderboard
AI Pentest Tools
Open-source AI pentest tools ranked by GitHub stars — plus a commercial platform overview.
- Guide
LLM Access for Security Research
How to get elevated LLM access for CTF, bug bounty, and pentest research — OpenAI, Anthropic, Gemini.
Examples of what lands here
The backlog shifts with what we're exploring; it skews toward work that earns a methodology or a repeatable artifact, without a billing code on it yet.
-
Analysis & methods
Benchmarks we've repeated, toolchain comparisons, postmortems, and defenses we stress-tested ourselves.
-
Talks & teaching
Decks and exercises from conference talks or internal curricula—published as-is, without pretending to replace formal training paths.
-
Prototypes
Public forks of parsers, benchmarks, dashboards—anything we're iterating where velocity matters more than a support SLA.
Contact
Collaboration on research-oriented threads or OSS is welcome wherever we publish contact next. Procurement, RFIs, and vendor diligence—still paranoai.ai.