Privacy-first AI company

lil.business

We build AI tools that work for you, not on you.
Local processing. No telemetry. No data harvesting. No bullshit.

Our Projects GitHub
Free Assessment

How Secure Is Your Business?

Take our 5-minute security assessment quiz. Get your security score, identify gaps, and receive personalized recommendations — no email required.

Start Free Assessment

Projects

Focused tools that do their job well. No bloat, no feature creep.

Active

Hermes

Agent Orchestration

AI agent orchestration platform. Deploy autonomous agents that coordinate, reason, and execute complex workflows. Self-hosted, privacy-first, no cloud dependency.

OrchestrationAgentsAutomation
In Development

Spaaaace

On-Device AI for Apple

A privacy-first AI assistant for iOS, iPadOS, and macOS. Runs entirely on-device — your conversations, your data, your hardware. No cloud required. No transcripts leaving your phone. Ever.

iOSmacOSLocal AIPrivacy
Active

CyberDark

Offensive Security Framework

Advanced red team operations toolkit. Automated reconnaissance, exploit development, and post-exploitation framework designed for authorized penetration testing. Built for security professionals who need reliable, documented offensive capabilities.

Red TeamPentestingOffSec
Active

CyberBook

Security Knowledge Base

Curated cybersecurity knowledge base and learning platform. Aggregates research, tools, techniques, and frameworks into a searchable, structured reference. From beginner concepts to advanced offensive/defensive techniques.

Knowledge BaseSecurityResearchLearning

How We Build

These aren't aspirational values on a poster. This is how we actually work.

Privacy by Default

Your data stays on your device. We don't collect telemetry, we don't phone home, we don't have analytics tracking you across the web. If a feature requires sending data somewhere, we tell you exactly what, where, and why — and you choose.

Open Source First

We default to open. Code is public unless there's a genuine reason to keep it closed (like preventing weaponization of security tools). When we can't open-source something, we explain why.

Small & Intentional

We're "lil" on purpose. Small team, focused products, no feature bloat. We'd rather build four things that work perfectly than forty things that kind of work. Quality compounds.

No Corporate BS

We don't "leverage synergies" or "disrupt paradigms." We build tools, we explain what they do in plain language, and if something breaks we say so. Our changelogs include the mistakes.

Privacy Policy

A privacy policy you can actually read in under 2 minutes.

The Short Version

We collect as little data as possible. We don't sell anything. We don't track you. If you're just browsing this site, we know literally nothing about you.

This Website

This is a static HTML site. No cookies, no analytics, no tracking pixels, no fingerprinting. Your browser loads the page, and that's it. Server logs exist (they're a basic function of web servers) and contain IP addresses and request paths. We don't analyze them for marketing. They rotate and delete automatically.

Our Products

Spaaaace: Runs entirely on-device. No data leaves your Apple device. No accounts required. No telemetry.

Hermes: Orchestration happens where you deploy it. We don't run a central server. Your agents, your infrastructure, your data.

CyberDark: Red team toolkit that operates within your authorized scope. All operations logged locally. No external data transmission.

CyberBook: Static knowledge base. No user accounts, no tracking, no data collection.

Email / Contact

If you email us, we have your email. We use it to reply. We don't add it to a marketing list, and we don't share it. If you want us to delete it, say so and we will.

Third Parties

This site loads fonts from Google Fonts. That's the only third-party request. We're working on self-hosting those too. Beyond that, nothing. No CDNs, no analytics providers, no ad networks, no social media widgets.

Changes

If this policy changes, we'll note it here with a date. We won't email you about it because we don't have your email (see above).

Last updated: February 2025

Stay In The Loop

Weekly cybersecurity insights, AI updates, and practical advice. No spam, no tracking, unsubscribe anytime.

Get In Touch

We read every email. No contact forms, no ticket systems, just email.

[email protected]
GitHub X / Twitter

Report a Security Vulnerability

Found a vulnerability in any of our projects? We take security seriously. Responsible disclosure earns our respect, not legal threats.

Please include:
• The project name and where the vulnerability exists
• Steps to reproduce (if possible)
• Your assessment of impact and severity

[email protected]

PGP key available on request. We acknowledge all reports within 48 hours.