hopeless/labs

About

We make security checks worth sharing.

Hopeless Labs is an open community of people building tooling for security work. Our first project is Ruso: a way to describe a vulnerability check as a small, readable script and run it anywhere.

Most scanners hide their logic behind plugins and config. Ruso takes the opposite stance — a check is plain text you can read, review, and version like any other code. When the logic is legible, it's easier to trust, easier to fix, and easier to share.

That sharing is the point. A check someone writes once should become tooling everyone can install. The Ruso registry exists to turn one-off research into a growing, community-owned library of scans — built in the open, by whoever shows up.

What we value

Legibility over magic
If you can't read what a tool does, you can't trust it. Everything we ship is meant to be read.
Small, composable pieces
A language, a runtime, a CLI, a registry — each does one job and fits the others.
Open by default
The ecosystem is open source and the registry is public. Research compounds when it's shared.

Join the community

The work happens in the open on GitHub — issues, discussions, and pull requests are all welcome. Everyone's invited to contribute.

Hopeless Labs on GitHub