Stratir

Stratir Research

Yoru

What happens when Forward Deployed meets uncensored cyber capability?

Yoru is a Stratir research project: a tactical command console for offensive security, built for the moment when frontier labs and companies start filtering models, logging sessions, and pulling access from underneath authorized operators.

Status

Research · Private alpha

macOS Apple Silicon

Studio

Stratir

Founder-led applied AI

Platform

macOS · Apple Silicon

Tactical command console

Inference

BYO Ollama

No cloud inference required

The operational layer between raw model weights and a finished engagement.

Cloud red-team platforms are consolidating, censoring, and logging. Defenders who need sovereignty (uncensored chains, local artifacts, no vendor lock-in) still lack a desk that feels like a command post instead of a chat wrapper.

Yoru gives operators who need sovereign inference a workspace that routes natural language into real offensive capabilities, keeps findings visible across a full engagement cycle, and preserves one continuous thread from scope to report.

Stratir is researching and optimizing how uncensored models can be utilized responsibly for bug bounty, pentesting, and tactical red team work, with authorization, scope discipline, and artifact retention built into the surface itself.

Cloud platforms filter. Operators need sovereignty.

Model access revoked or filtered

Bring your own weights via Ollama: BugTrace Ultra, Huihui GLM-5.2, and other local models.

Chat-only UX with no operational memory

Single agent thread across six phases; findings accumulate instead of resetting.

YAML and template busywork

Findings-first canvas: assets, services, vulnerabilities, and evidence before templates.

Scattered tooling across the engagement

Agent panel routes natural language into offensive skills across recon, exploit, and post-ex.

One operation. One thread. Nothing discarded between phases.

Yoru maps the standard offensive workflow into a continuous command surface. Canvas context switches; agent chat, live findings, and saved outputs persist from scope to submission pack.

01

PLAN

Planning

Scope, rules of engagement, target intel

Target URL, program notes, ROE checklist

02

RECON

Reconnaissance

Surface mapping, asset discovery, OSINT

Subdomains, hosts, passive intel

03

ENUM

Enumeration

Service fingerprinting, attack surface expansion

Ports, endpoints, auth flows

04

EXPLOIT

Exploitation

PoC development, bypass, initial access

Validation queue with severity and evidence

05

POST

Post-Exploitation

Privesc, lateral movement, persistence

Impact chain, blast radius, breadth

06

REPORT

Reporting

Artifacts, evidence, executive summary

Submission pack and severity rollup

A command post, not a chat box.

01

Tactical command layout

Operations sidebar, phase-aware canvas, agent chat rail, and scoped console, structured like a command post, not a single chat window.

02

Sovereign local inference

BYO Ollama with a model registry tuned for tooling, PoC generation, and uncensored multi-stage reasoning chains on operator-controlled hardware.

03

Agent-routed skills

Natural language routes into offensive capabilities: SQLi, XSS, Nuclei, CVE PoC, JWT attacks, code review, EDR evasion, shellcode, and kernel work.

04

Findings-first canvas

Live feed for assets, services, vulnerabilities, access, and evidence. Operators see what is happening, not just what the model said last.

05

Continuous engagement thread

One operation, one thread. Phase transitions change canvas context without discarding chat history, outputs, or accumulated findings.

06

Scoped operator console

Console, network, services, and terminal rails tied to the active engagement, structured for review and phase context, not disposable chat.

Optimizing uncensored models for authorized offensive work.

The research question is not whether uncensored models exist. They do, in open weights and local runtimes. The question is how authorized operators route them into scoped workflows without losing review discipline, artifact retention, or the operational memory that separates a finished engagement from a disposable chat log.

  • Bug bounty workflows with local uncensored reasoning chains
  • Pentest phase orchestration and findings retention
  • Tactical red team skill routing and model selection
  • Artifact export, session governance, and operator review gates
  • Model capability mapping for tooling vs. deep reasoning roles

Bring your own weights. Route by capability.

Tooling model

BugTraceAI CORE Ultra

27B Q6 · workstation tier

  • Nuclei templates
  • CVE PoC generation
  • Code security review
  • JWT tooling
  • Kernel exploit development

Uncensored MoE

Huihui GLM-5.2 Abliterated

754B MoE · server cluster tier

  • Multi-stage exploit chains
  • EDR evasion reasoning
  • Shellcode and binary development
  • Uncensored red-team planning
  • Long-context operation briefs

Field · discipline · clarity.

01

Sovereignty is operational.

When model access can be revoked, filtered, or logged by a vendor, the operator who needs uncensored chains must own the inference surface.

02

Findings outlive chat.

An engagement is not a conversation. It is assets, services, vulns, and evidence that must survive every phase transition.

03

Routing beats prompting.

Natural language should dispatch into scoped offensive capabilities with phase-aware skill chips, not generic assistant behavior.

04

Authorization is the gate.

Yoru is built for authorized operators with explicit scope. Research without lawful authorization is out of scope for this project.

Forward deployed work taught Stratir that software has to survive contact with the operator's reality. Yoru applies that same doctrine to offensive security: sovereign models, continuous findings, and a command surface that respects the full engagement cycle.

Vance Poitier / Founder & CTO of Stratir

Key lessons from Palantir on the importance of AI sovereignty.

Yoru exists because offensive operators face the same sovereignty crisis institutions are confronting everywhere: filtered models, logged sessions, transferred data, and weights controlled by vendors who optimize for their gain. These key lessons from Palantir on the importance of AI sovereignty frame why local inference, retained artifacts, and owned weights are not ideological preferences. They are preconditions for institutional survival.

  1. 01

    Your AI sovereignty dictates your institution's future.

    Sovereignty is the precondition for choice. Relinquishing sovereignty transfers the future choices of your institution to others, who are likely to exploit it for their gain and your loss.

  2. 02

    Data retention is your treasure. Transfer it at your own peril.

    Your ability to win is dictated by your ability to recognize and use your unique edges, and you keep winning by compounding the underlying data to generate new insights. Transferring that data hands over access to your pre-existing winning plays and yields the means of production for new ones.

  3. 03

    Tokenmaxxing hijacks your value orientation.

    The pursuit of high token usage incentivizes disposable scripts over robust software, with the addictive feeling of false progress. There is a reason why those selling tokens refuse to charge based on value.

  4. 04

    Controlling your weights is controlling your fate.

    Weights are the distilled form of hard-won, accumulated institutional knowledge. If you let others control your weights, you are allowing them to migrate the alpha of your business to theirs.

  5. 05

    There is no contradiction between sovereignty and alpha.

    The architecture that maximally preserves sovereignty is one that enables institutions to own their tribal knowledge, and to compound it as alpha.

  6. 06

    Politicizing technical sovereignty helps your adversary.

    Techno-politicization is the wellspring of false sovereignty. Techno-politicization drives decisions that seem to reduce dependency, but ultimately limit agency, especially on the battlefield in the West.

  7. 07

    Real expertise is existential.

    Allowing politics or favoritism to determine your technical decisions rewards whoever is best at politics, not whoever is right. Listen to those closest to the problems, not those speaking most compellingly about them.

  8. 08

    Learn from institutions that are winning.

    Institutions facing existential threats do not have the luxury of making technical decisions based on political preferences.

  9. 09

    Only listen to those with a proven record of being right.

    A track record of correctness is the best and only signal for future correctness. Judging something as right or wrong based on who you like is exceedingly misguided.

Yoru is a Stratir research project for authorized offensive security work only. Use requires explicit authorization, defined scope, and compliance with applicable law. Stratir does not endorse unauthorized access, harassment, or unlawful intrusion.

Stratir Research

Forward deployed meets sovereign cyber capability.

Yoru is a Stratir research project exploring how uncensored local models should be routed, governed, and operationalized for authorized offensive security work.

Discuss research access