Independent offensive security research

Halo Forge conducts offensive security research on AI and machine learning systems.

We discover and disclose vulnerabilities, build open adversarial tooling, and publish technical analysis for the security community.

Focus areas: AI/ML infrastructure, model supply chain, inference & RAG systems, MITRE ATLAS
01

What Halo Forge provides

Security research services delivered to the public and to organizations working on AI systems.

Vulnerability research

Discovery & disclosure

Halo Forge identifies vulnerabilities in AI and ML systems and their supporting infrastructure, and publishes coordinated advisories for the security community.

Tooling

Offensive frameworks

Halo Forge designs and releases open tooling for testing the security of machine learning pipelines, model formats, and inference systems.

Analysis

Threat research

Halo Forge publishes technical analysis of attack techniques against AI infrastructure, mapped to established threat frameworks for practitioner use.

Education

Training & talks

Halo Forge teaches hands-on offensive security and presents original research at industry conferences and community villages.

02

Research projects

Open research efforts published under the Halo Forge name. Each links to writeups, advisories, or papers, not product downloads.

Crucible: Structure-aware fuzzing of machine learning model file formats and inference infrastructure, surfacing and disclosing parser and protocol vulnerabilities.

Hemlock: Document-injection research for retrieval-augmented generation pipelines, operationalizing published academic attacks to test RAG defenses.

aipostex: Offensive security research across AI infrastructure — service discovery, assessment, and post-exploitation — with a companion test lab for reproducible study.

Manta: Weight-steganography research on covert channels in neural-network weights and the defenses that detect them. Offensive techniques held under embargo pending peer review.

AIT (Agentic Intercept Toolkit): Research on agent-to-agent and agent-to-tool traffic, trust paths, and oracle-backed impact validation for authorized testing.
03

Publications & writing

Halo Forge publishes blog posts, disclosures, and technical writeups as research is released.

Current blog posts and research are published at m00dy.sh.

04

About the lab

Halo Forge is an independent security research operation focused on the offensive security of artificial intelligence and machine learning systems.

The lab's work spans the AI supply chain: model formats and checkpoints, inference and retrieval systems, training pipelines, and the infrastructure that runs them. Findings are published as advisories, tooling, and technical analysis for the wider security community.

Halo Forge is operated by Halo Forge Labs LLC. Research is presented at industry conferences and community villages, and disclosed responsibly to affected maintainers and vendors.

For research collaboration, disclosure coordination, or engagement inquiries, reach the lab directly.

Work with Halo Forge

Research collaboration, coordinated disclosure, and adversarial testing of AI systems.

nathan@halo-forge.io