MANIFESTO · WHY WE BUILD
Security that.
Most of this industry sells fear: walls, locks, surveillance, dread. We think security is a craft that should empower people and quietly make the world better. That conviction shapes everything we build.
Empowerment, not fear.
We don’t sell dread and we don’t design with it. Good security work is curious, patient, and constructive. Our tools should feel that way too.
Arm the individual; equip the organization.
The industry’s money flows to enterprises, while the researchers who actually find the flaws are left to make do. We build for the researcher first, because better tools for them are better security for everyone who depends on them, and we equip the organizations that need to keep up.
Protection should reach ordinary people.
Every flaw found and fixed is safety inherited by people who will never read a security advisory. That inheritance is the point.
Give back what we grow.
We came up through a community that shares. Open source is how we return the favor: we build and contribute open-source security work, roots feeding ground we don’t own.
We make the digital world safer by arming the people who fix it.
meet the teamTHE PEOPLE · BEHIND IT
Five who holdthese .
zpetal is built by five people with backgrounds in AI research and web-security research. We build the tools this work demands, informed by having done the work ourselves.
We have done this work ourselves: sitting behind the login, poking at real applications, pulling on a thread until the system finally gives up its logic, then writing the whole thing up so someone else could see what we saw. The slow, repetitive middle of that is the part no tool ever took off our hands. So we are building one that does.
We keep the team small and the craft close. We build in the open, we contribute what we learn, and we give back to the community that taught us how to do any of this in the first place. We would rather make the work better for the people doing it than sell anyone a reason to be afraid.
PRACTICE
grounded in offensive security: web-application testing
AI RESEARCH
focused on how AI systems behave, and how to build with them well
OPEN SOURCE
we build and contribute in the open