Prototypes.

Tholian Guard

(Closed Source)

Tholian Guard is a peer-to-peer Autonomous EDR Endpoint Agent, which learns from its surrounding Peers and is able to communicate, share, and improve Mitigations fully automatically.

Its concept allows it to analyze both network traffic behaviour and process behaviour, and to share recognized malicious behaviours with its surrounding peers so that they can prepare, isolate, quarantine or even conquer back lost machines. Additionally, it has a strong understanding of the hardware and software inventories of its systems, which allows it to analyze programs and their vulnerabilities even more in-depth than other solutions, and enables things like hot-patching (or vaccination) of remote programs that are vulnerable to learned zero-days and already disclosed exploits.

In the age of highly automated ransomware suites, Tholian Guard gives the advantage back to the defending Blue Team side, without requiring any human interaction.

Tholian Stealth

GitHub GitLab

Tholian Stealth is an automatable Web Browser that focusses on increased Privacy, increased Automation, adaptive Semantic Understanding and efficient Bandwidth Usage, no matter the cost.

Stealth's Design Goals try to embrace the Automation of User Interaction wherever possible, so that users can focus on the important tasks while their Web Browser helps them to automate repetitive tasks that would consume their time unnecessarily. As everything is on the Web, everything can be automated.

Its unique concept allows automating and sharing Beacons (Site Adapters) and Echoes (Site Workflows) with other local Peers in the same Network - or global Peers connected to Radar. Once any User has automated a workflow for a specific Website, others can simply reuse it, modify it or share it with their trusted Peers.