01
Sovereign inference surface
Operators bring their own Ollama weights with routing tuned for tooling, PoC generation, and multi-stage reasoning without vendor filtering mid-engagement.
Offensive systems research
YORU
Active research · Private alpha
A Stratir research program developing a tactical command console for authorized offensive security: sovereign local inference, phase-driven engagements, agent-routed capabilities, and findings that survive every transition.
Yoru is a Stratir research project: a tactical command console for offensive security, built for the moment when frontier labs and companies start filtering models, logging sessions, and pulling access from underneath authorized operators.
Background
Cloud offensive platforms are consolidating access, filtering model behavior, and logging sessions operators cannot fully control. Authorized researchers and practitioners who require sovereign inference, retained artifacts, and uncensored reasoning chains lack a command surface built for engagements rather than disposable chat.
Yoru investigates the operational layer between raw model weights and a finished engagement: how natural language routes into scoped offensive capabilities, how findings accumulate across phases, and how one continuous thread persists from planning through reporting.
The program evaluates whether a macOS tactical console can govern uncensored local models responsibly for bug bounty, penetration testing, and authorized red team work under explicit scope and review discipline.
Program objectives
01
Operators bring their own Ollama weights with routing tuned for tooling, PoC generation, and multi-stage reasoning without vendor filtering mid-engagement.
02
One operation, one thread: assets, services, vulnerabilities, and evidence persist across six operational phases without resetting context.
03
Natural language dispatches into scoped capabilities with phase-aware routing rather than generic assistant behavior.
04
Operators see what the engagement produced, not only what the model said last: a live feed structured for review and reporting.
Technical approach
Yoru maps the standard offensive workflow into a single command surface: operations sidebar, phase-aware canvas, agent chat rail, and scoped console tied to the active engagement.
Research emphasizes artifact retention, session governance, and model capability mapping so operators can select weights for tooling versus deep reasoning roles without losing review discipline.
Canvas context switches across PLAN, RECON, ENUM, EXPLOIT, POST, and REPORT while chat history and findings remain attached to the operation.
Agent routes into recon, exploit, and post-ex capabilities with severity, evidence, and validation structures appropriate to submission workflows.
Engagement outputs remain on operator-controlled hardware with export paths designed for authorized reporting, not cloud retention by default.
Operational pressure
Model access revoked or filtered
Bring your own weights via Ollama: BugTrace Ultra, Huihui GLM-5.2, and other local models.
Chat-only UX with no operational memory
Single agent thread across six phases; findings accumulate instead of resetting.
YAML and template busywork
Findings-first canvas: assets, services, vulnerabilities, and evidence before templates.
Scattered tooling across the engagement
Agent panel routes natural language into offensive skills across recon, exploit, and post-ex.
Research areas
Each surface is evaluated as part of a command post, not an isolated feature demo.
01
Operations sidebar, phase-aware canvas, agent chat rail, and scoped console, structured like a command post, not a single chat window.
02
BYO Ollama with a model registry tuned for tooling, PoC generation, and uncensored multi-stage reasoning chains on operator-controlled hardware.
03
Natural language routes into offensive capabilities: SQLi, XSS, Nuclei, CVE PoC, JWT attacks, code review, EDR evasion, shellcode, and kernel work.
04
Live feed for assets, services, vulnerabilities, access, and evidence. Operators see what is happening, not just what the model said last.
05
One operation, one thread. Phase transitions change canvas context without discarding chat history, outputs, or accumulated findings.
06
Console, network, services, and terminal rails tied to the active engagement, structured for review and phase context, not disposable chat.
Engagement model
Canvas context transitions across phases. Agent sessions, findings, and outputs persist from scope through reporting.
PLAN
01
Scope, rules of engagement, target intel
Target URL, program notes, ROE checklist
RECON
02
Surface mapping, asset discovery, OSINT
Subdomains, hosts, passive intel
ENUM
03
Service fingerprinting, attack surface expansion
Ports, endpoints, auth flows
EXPLOIT
04
PoC development, bypass, initial access
Validation queue with severity and evidence
POST
05
Privesc, lateral movement, persistence
Impact chain, blast radius, breadth
REPORT
06
Artifacts, evidence, executive summary
Submission pack and severity rollup
Research focus
The research question is not whether uncensored models exist. They do, in open weights and local runtimes. The question is how authorized operators route them into scoped workflows without losing review discipline, artifact retention, or the operational memory that separates a finished engagement from a disposable chat log.
Model registry
Tooling model
27B Q6 · workstation tier
Uncensored MoE
754B MoE · server cluster tier
Program doctrine
01
When model access can be revoked, filtered, or logged by a vendor, the operator who needs uncensored chains must own the inference surface.
02
An engagement is not a conversation. It is assets, services, vulns, and evidence that must survive every phase transition.
03
Natural language should dispatch into scoped offensive capabilities with phase-aware skill chips, not generic assistant behavior.
04
Yoru is built for authorized operators with explicit scope. Research without lawful authorization is out of scope for this project.
Test and evaluation
Yoru is benchmarked through bug bounty, pentest, and red team scenarios: scope definition, multi-phase execution, agent-routed skill use, findings retention, and report assembly under operator review.
AI sovereignty
Yoru exists because offensive operators face the same sovereignty crisis institutions are confronting everywhere: filtered models, logged sessions, transferred data, and weights controlled by vendors who optimize for their gain. These key lessons from Palantir on the importance of AI sovereignty frame why local inference, retained artifacts, and owned weights are not ideological preferences. They are preconditions for institutional survival.
01
Sovereignty is the precondition for choice. Relinquishing sovereignty transfers the future choices of your institution to others, who are likely to exploit it for their gain and your loss.
02
Your ability to win is dictated by your ability to recognize and use your unique edges, and you keep winning by compounding the underlying data to generate new insights. Transferring that data hands over access to your pre-existing winning plays and yields the means of production for new ones.
03
The pursuit of high token usage incentivizes disposable scripts over robust software, with the addictive feeling of false progress. There is a reason why those selling tokens refuse to charge based on value.
04
Weights are the distilled form of hard-won, accumulated institutional knowledge. If you let others control your weights, you are allowing them to migrate the alpha of your business to theirs.
05
The architecture that maximally preserves sovereignty is one that enables institutions to own their tribal knowledge, and to compound it as alpha.
06
Techno-politicization is the wellspring of false sovereignty. Techno-politicization drives decisions that seem to reduce dependency, but ultimately limit agency, especially on the battlefield in the West.
07
Allowing politics or favoritism to determine your technical decisions rewards whoever is best at politics, not whoever is right. Listen to those closest to the problems, not those speaking most compellingly about them.
08
Institutions facing existential threats do not have the luxury of making technical decisions based on political preferences.
09
A track record of correctness is the best and only signal for future correctness. Judging something as right or wrong based on who you like is exceedingly misguided.
Transition and access
Yoru remains in private alpha while Stratir evaluates the command console with authorized operators and research partners. Transition follows demonstrated performance under scope discipline and operational review.
Forward deployed work taught Stratir that software has to survive contact with the operator's reality. Yoru applies that same doctrine to offensive security: sovereign models, continuous findings, and a command surface that respects the full engagement cycle.
Yoru is a Stratir research project for authorized offensive security work only. Use requires explicit authorization, defined scope, and compliance with applicable law. Stratir does not endorse unauthorized access, harassment, or unlawful intrusion.