SMASH Labs_

Elite security research & Gen AI consulting.
We find what your adversaries are looking for. Before they do.

// Security Services

Decades of adversarial research, collectively applied. We deliver offensive capabilities with defensive outcomes.

Reverse Engineering

Malware dissection, vulnerability discovery, interoperability research, and binary analysis across architectures and platforms.

Fuzzing

Custom instrumented fuzzers, coverage-guided campaigns, and automated vulnerability discovery pipelines tailored to your attack surface.

Penetration Testing

Red team operations, network and application assessments, and continuous adversary simulation against your critical infrastructure.

Forensics

Incident response, compromise investigation, data recovery, and post-breach hardening recommendations when it matters most.

Training

Customized offensive security curricula for engineering and security teams — from exploit fundamentals to advanced vulnerability research.

Intelligence

Dark web monitoring, threat actor tracking, and leaked credential surveillance scoped to your organization's exposure.

// Gen AI Consulting

The attack surface just changed. So did the opportunity. We help organizations secure their AI systems and leverage Gen AI to ship faster.

AI Security

LLM threat modeling, prompt injection assessment, model supply chain risk, RAG pipeline security, and AI governance frameworks. We audit what your AI systems can be made to do.

Engineering Efficacy

Practical Gen AI adoption for development teams. Agentic workflow design, AI tooling integration, code generation pipelines, and MCP ecosystem consulting. We make your engineers faster.

AI Red Teaming

Adversarial evaluation of AI products and deployments — jailbreaking, model exfiltration attempts, multi-agent attack surface analysis, and safety bypass research.

Strategy & Governance

AI risk assessments, responsible deployment frameworks, and executive guidance on integrating AI capabilities while managing organizational exposure.

// Projects

Research that ships. A track record of open-source contributions and commercial tooling that practitioners actually use.

incubated at SMASH Labs

Maestro →

AI coding agent platform for engineering teams. Manage multiple AI coding assistants simultaneously with a keyboard-first interface. Designed for the way developers actually work — fast, parallel, and context-aware. Born from SMASH Labs' own AI-augmented security research workflows.

runmaestro.ai

// legacy — open source contributions

Foundational tooling from the early era of Windows security research. No longer actively maintained, but these projects shaped the tools and workflows that followed.

pydbg Pure-Python Windows debugger and process control library. Foundational automation layer for a generation of exploit research and fuzzing workflows.
sulley One of the earliest open-source mutation fuzzing frameworks. Predated AFL, libFuzzer, and the modern fuzzing ecosystem by nearly a decade.
paimei Reverse engineering automation framework built on pydbg. Pioneered programmatic debugger scripting workflows that influenced tooling now standard across the industry.

// Trusted By

Organizations that brought us in when the stakes were high.

// Get in Touch

Active incident, planned engagement, or exploring Gen AI for your team. Start here.