A full ecosystem of security intelligence, internet infrastructure, AI services, and open source tooling — all running from our private data center.
One of the most advanced threat monitoring and management systems built this year. Real-time threat data, enrichment, and API access for security operations.
Dark web monitoring service. Continuous surveillance of dark web forums, marketplaces, and breach dumps — with alerting when your assets appear.
The AI engine that sits on top of everything. Machine learning models trained on our proprietary threat data, providing scoring, classification, and automated response.
Internet email security and compliance services. AI-powered spam filtering, threat intelligence, SPF/DKIM/DMARC management, and enterprise messaging for iPhone and Android.
The internet's premier DNS research platform. Tracks DNSSEC, SPF, DKIM, MTA-STS, and SMTP TLS configurations across thousands of domains with historical drift detection and Web3 domain support.
Enterprise DNS as a service. High-availability, anycast DNS with built-in threat protection and DNSSEC support — powered by our own DNS infrastructure.
AI models as a service. Curated, hosted, and API-accessible AI models for security, classification, and general inference — ready to integrate with no infrastructure overhead.
AI prompt generation service. Engineered prompts for security analysis, threat classification, and enterprise automation use cases — via API or web interface.
Unified API services — a one-stop shop for a wide range of security, data, and infrastructure APIs. Aggregated access with a single auth layer.
Managed API proxy service. Rate limiting, authentication, caching, and request transformation — without managing your own API gateway infrastructure.
After Dark Tech — tools, utilities, and APIs built by our engineering team and made available to the public. Developer-focused security and infrastructure tooling.
Phishing, solved. Enterprise phishing simulation and security awareness training platform with realistic campaigns, reporting, and remediation workflows.
Spam intelligence feeds and anti-spam research. Real-time spam data, IP blocklists, and sender reputation intelligence for mail security operators.
Password security testing with attitude. Test password strength, check for known compromised passwords, and get brutally honest feedback on your organization's password hygiene.
Secrets management as a service. Secure storage, rotation, and distribution of API keys, credentials, and certificates — with audit logging and access controls.
We built our own DNS server from scratch in Go (GoDNSScienceD) after years of running BIND, Unbound, NSD, and dnscache at internet scale — and consulting on EfficientIP and Infoblox for enterprise clients. Now it's a full DDI appliance targeting the cloud marketplaces. Competing directly with legacy vendors at a fraction of the cost.
Developer platform incubator project. Tools and infrastructure for developer communities.
Because even security engineers need a place that doesn't take itself too seriously.
Social connection platform exploring AI-powered matching for combating loneliness.
Financial tools and research platform in active development.
Disease tracking and epidemiological data research platform. Previously served millions of users during COVID-19 tracking.
Battle-tested tools from our own production infrastructure — freely available on GitHub. Everything from DNS servers to LLM security to cloud CLIs.
We started with BIND. We ran Unbound, NSD, and dnscache at massive scale. Then we wrote our own DNS server from scratch in Go. GoDNSScienceD is our production DNS server — performant, modern, and built by engineers who have forgotten more about DNS than most people ever knew.
Enterprise endpoint security daemon — patch compliance, threat intel, and baseline security monitoring.
Lightweight agent for AfterDark Security endpoint suite. Runs on Linux, macOS, and Windows.
Cross-platform GUI installer, configuration panel, and monitoring dashboard for the endpoint suite.
Real-time macOS process monitoring with AI-powered behavioral analysis and a plugin system.
macOS memory forensics tool — analyze process memory, scan for patterns, and dump memory regions.
Production-ready security layer for AI apps. Blocks prompt injection, data leaks, and jailbreaks before they reach your model.
Policy-driven runtime guard for macOS — observe syscalls and enforce per-binary allow/deny rules.
Local security timeline for macOS — a Time Machine for security events and incidents.
Monitor macOS apps after permission grants to detect abuse patterns and trust decay.
Local, privacy-preserving binary analysis CLI for macOS — produces human-readable trust reports.
Real-time supply-chain security monitoring for macOS. Watches Homebrew, npm, pip, cargo, and go packages.
Scan your codebase for exposed secrets and environment variables before they hit production.
Static analysis tool for detecting security anti-patterns and code quality issues in multi-language codebases.
Modern DNS shell with packet-capture brain. Replaces dig with a developer-friendly, interactive DNS tool.
CLI toolkit for DNS research — DNSSEC validation, SPF/DKIM/DMARC auditing, and zone drift detection.
SSL/TLS certificate lifecycle management toolkit — automated issuance, renewal, and deployment at scale.
Certificate Authority risk scoring and CT log search tool — evaluate CA trustworthiness across issuers.
Go library for programmatic certificate management across ACME, Vault, and custom CA backends.
Python app for managing PGP/GPG keys with metadata tracking, usage logging, and automated reporting.
CLI and automation toolkit for managing EfficientIP DDI environments.
End-to-end code signing pipeline for Linux software releases. Integrates with CI/CD and provides audit trails.
Professional prompt engineering toolkit — templates, an interactive playground, and collaboration features for AI workflows.
Calculate and estimate costs for LLM API calls across all major providers. Optimize spend before you ship.
Grafana dashboard SDK, templates, CLI wizard, and NLP-driven dashboard generation from natural language.
Next-gen email client supporting Gmail, Outlook, IMAP, and Web3 protocols (AfterSMTP, Mailblocks). Making email purr again.
Enterprise email service with disaster recovery, anti-spam protection, and high-volume message processing in Go.
Amavisd-new plugin that integrates betterphish phishing intelligence directly into your mail filter pipeline.
Enterprise OCI container registry with upstream credential broker for AWS ECR, OCI, Docker Hub, and GCP.
AWS/GCP to Oracle Cloud Infrastructure migration toolkit — discover, analyze, map, and export your cloud infrastructure.
OCI and Cloudflare billing toolkit with historical tracking, trend analysis, budget alerts, and R2 backup.
High-performance API caching daemon with plugin system — cut API costs by 90% and drop response times from 200ms to under 5ms.
Full-featured CLI for BunnyCDN — manage storage zones, pull zones, purge cache, and deploy assets from the terminal.
Standalone CLI for Dark Storage, our API-first cloud storage platform.
Disk imaging tool for bare-metal provisioning, backup, and forensic capture across Linux hosts.
Cloud emulation and testing platform — spin up realistic cloud service mocks without hitting live APIs or paying per-call.
Go SDK for MockFactory cloud emulation.
Node.js / TypeScript SDK for MockFactory.
Python SDK for MockFactory.
PHP SDK for MockFactory.
Shell library for MockFactory (bash + curl + jq) — no dependencies, works anywhere.
gosh-powered CLI for MockFactory — shell-sourceable, scriptable cloud emulation.
Infrastructure as Code platform with built-in SSO — define, deploy, and manage infrastructure from a single control plane.
Professional Git GUI with comprehensive operations support — branches, history, diffs, stash, and rebase in one view.
Official SecretServer.io client libraries in Python, Node.js, PHP, Go, and Ansible.
CLI for the PayPal REST APIs — manage transactions, subscriptions, and payouts from the terminal.
Check package name availability on PyPI, npm, and GitHub simultaneously in seconds.
Postman API testing suite for all After Dark Systems public APIs — ready to fork and run.
Comprehensive CLI and HTTP API tool for debugging, analyzing, and finding security issues within the Tor ecosystem.
Open-source multi-engine malware scanner written in Go — scan files and URLs across multiple AV engines.
Infrastructure probing and port scanning tool built in Go.
Network packet recording daemon — capture and store network traffic for forensic analysis.
Go-based packet analysis and capture toolkit.
IP address management and casting utility written in Go.
CLI client for ipn.fyi Dynamic DNS — manage dynamic DNS records from the terminal.
AI-powered supply chain risk scanner — analyze open source dependencies for security and supply chain threats.
Automated security diff engine — analyze code changes for security regressions and vulnerability introductions.
Python security toolkit with utilities for common security engineering and research tasks.
Cookie security implementation library for AfterDark Security — secure cookie handling and validation.
System tweaking and optimization utility for AfterDark environments.
OpenRouter AI chatbot CLI — multi-model chat, agents, prompt helper, and MCP support from the terminal.
Meowdel AI — AI model platform and tooling.
Meowdel CLI — chat, brain, and AI agents from your terminal. TypeScript-powered.
Marketing website for LLM Security Firewall — protect your AI applications from adversarial attacks.
Go-based DNS sinkhole for blocking malicious domains and controlling DNS resolution.
Social media reputation scoring and trust analysis platform.
Safety and risk scoring library for evaluating content, URLs, and inputs.
ML model and CLI for predicting GitHub repository star growth.
Go-based log aggregation and routing daemon for AfterDark infrastructure.
Go scripting toolkit for email automation, parsing, and processing.
Code signing utility for Go — sign and verify binaries with GPG or custom CAs.
Go utility for Homebrew package management automation and security auditing.
macOS Finder integration tools written in Go.
macOS menu bar application framework and utilities in Go.
Precompiled binaries for the AfterDark Security Endpoint Agent suite — ready-to-deploy packages.
Shared utilities and helpers used across AfterDark Systems operations tooling.
Client libraries for AfterShip Storage — programmatic access to AfterDark file storage services.
Command-line interface for PasswordRoost — test password strength and check breach exposure from the terminal.
Models-to-Go utility — package and export AI models for portable deployment.
Python bot for automated security scanning using Bandit and related SAST tools.
Audio fingerprinting and song identification library written in Python.
AfterDark Package Manager — shell-based package management for internal tooling.
Python library for Apple iCloud API access — manage iCloud data programmatically.
Python API client for the NiteFlirt platform.
Swift-based STIG (Security Technical Implementation Guide) compliance checker for macOS.
Swift-based macOS security and analysis utility.
Cloudflare management skill for Claude Code — automate Cloudflare operations from your AI assistant.
Core mock library for the MockFactory cloud emulation platform.
Early access, API keys, consulting, or just to talk shop — reach out and we'll connect you with the right people.