Red Team Lab
We create a safer online environment for people in repressive contexts by making the tools they use more secure.
What we do
We fund security audits for internet freedom projects.
Get a free audit
Do you want to strengthen the security of your internet freedom tool? Red Team Lab matches internet freedom projects with trusted, expert security partners. We fund short-term support for:
- software security audits
- expert help with tackling known security issues
- security architecture and design reviews
You can also apply on behalf of a project that is not your own by contacting Red Team Lab directly.
We conduct public safety audits of state-sponsored apps.
Repressive governments worldwide often use software or mobile apps to surveil citizens or reduce their ability to communicate safely. We conduct public safety audits of potentially harmful software created by, associated with, or sponsored by governments.
If you’re concerned about the safety of citizens using a state-sponsored tool, you can let us know here.
Strengthening the security of tools critical to the internet freedom ecosystem.
How to Apply
If you’d like support from Red Team Lab for your internet freedom tool, complete our simple online application form. You can also use the form to recommend potentially harmful software for a public safety audit.
We accept applications on a rolling basis.
Am I eligible for support?
If your tool contributes to internet freedom anywhere in the world, we’d love to hear from you. Projects previously funded by OTF are welcome, and we’re always looking to grow our community with new projects. Please read about our mission and values before applying to make sure we’re a good fit.
You can also recommend a project that you think would benefit from Red Team Lab support, even if it’s not your own. In this case, please contact us directly.
Our security partners
Cure53 offers penetration tests for online services, security analysis and architectural advice, training and consulting, incident management, and web malware analysis.
Include Security specializes in Grey Box security assessments which allow consultants to be significantly more efficient in finding vulnerabilities, and provides security services for web applications, cryptography services, and adversarial audits.
Radically Open Security aids OTF as a Red Team Lab vendor by providing professional audits of programming code, penetration testing of systems and networks, organizational and operational security training, and providing detailed reports on findings alongside recommended solutions.
Subgraph supports the security needs of OTF-supported projects and projects from the broader internet freedom community through security audits and penetration testing based on well-established principles from the security and cryptography industries.
Trail of Bits assists OTF and its projects by providing numerous privacy and security opportunities, including cryptography services, public safety audits, forensic audits, and general security services.
7asecurity produces short and to-the-point penetration test reports with proven security vulnerabilities, testing against all kinds of web applications, online services, hardware interfaces, mobile applications, libraries, and cyrpto tools.
SAFE Lab provides security services for various software applications, cryptographic services, adversarial audits, and detailed reports of the findings and recommended solutions.