Post-Exhaustion Password Search
ChaosWalker
A post-exhaustion architecture that explores massive password spaces through pseudorandom, non-repeating sampling rather than linear brute force.
ChaosWalker addresses the moment when dictionary, rule, and mask attacks are exhausted and the remaining keyspace is too large to enumerate. The system divides the password domain into weighted structural partitions, uses Feistel-based permutations for pseudorandom non-repeating traversal within each partition, and combines global sampling with localised heuristic mutations filtered by a Bloom filter. Candidate generation is decoupled from verification — ChaosWalker streams candidates to GPU-optimised engines such as Hashcat through a stdin pipeline.
Read the full research paper →
What we are exploring
The system is shaped by questions we keep returning to in our research notes. Where answers are speculative, the design is conservative; where the answers are mature, we ship against them.
Why it matters
Projects exist to be measured against outcomes, not against a launch narrative. The studio reviews each project against the standard a regulated enterprise would apply to any operational system.
Architecture slides












