F13 Labs is a boutique offensive security and research unit focused on vulnerability discovery, fuzzing, and exploit‑grade analysis for high‑value targets.
Targeted research on critical components: parsers, protocol handlers, IPC/RPC bridges, and security boundaries. We combine manual analysis with custom fuzzing infrastructure.
Design and implementation of fuzzing setups, including corpus generation from 010 templates, harness design, and coverage‑guided workflows.
For high‑value findings, we provide exploitability assessments, proof‑of‑concepts, and hardening recommendations grounded in real attacker workflows.
We experiment with integrating LLMs into fuzzing workflows: generating structured corpora from binary templates, mutating edge cases, and guiding coverage exploration.
Focus on proprietary formats, legacy parsers, and complex state machines where traditional fuzzing alone underperforms.
Custom harnesses, triage tooling, and analysis scripts built around real‑world targets—not generic demos.
Security boundaries, privilege transitions, and components where a single bug can change your entire threat model.
We don’t do checkbox audits. We take a small number of targets and go deep until we’re satisfied with coverage and understanding.
Clear reporting, no inflated severity, and no noise. If we say it matters, it’s because we’d care about it in an actual exploit chain.
We work with a small number of teams at a time. If you have a specific component, product, or protocol in mind, share enough detail for us to understand the scope.
Replace the placeholders below with your real contact channels.
pgp@f13-labs.net