DESTAWELL
Get in Touch
Mobile Security Research Lab

Mobile Security Research

Closing the gap between desktop security tooling and mobile environments. Built for Termux, Kali NetHunter, and ARM64 — no root required.

Tools Released4
Target PlatformAndroid ARM64
Root RequiredNone
CVE Disclosures1 Filed
LicenseOpen Source
FocusMobile-First
4+Open-Source Tools
ARM64Native Target
$0Always Free
CVE AI Finding

Purpose-Built for Mobile

We build practical infrastructure where traditional security tooling fails — on phones, tablets, and ARM devices.

Mobile Pentesting Infrastructure

Purpose-built for Termux and Kali NetHunter on ARM64 Android devices. Full Linux userlands, network scanners, and repair tooling that works without root access.

LLM Safety Research

Testing frontier model guardrails against real-world exploit generation tasks. Documenting bypasses, disclosure responses, and alignment gaps in AI code assistants.

Open-Source Tooling

Every tool is free, auditable, and maintained on GitHub. No paywalls, no telemetry. Built by researchers, for researchers in resource-constrained environments.

Latest Research · RES-2025-001

Gemini 2.5 Pro — Safety Alignment Bypass

We demonstrated that Google’s Gemini 2.5 Pro generated a fully functional Linux kernel exploit for CVE-2023-32233 (nf_tables use-after-free) from a single prompt, while GPT-4o, Claude 3.5, and Llama 3 correctly refused. The issue was filed via Google IssueTracker and marked as out-of-scope.

Read full disclosure →

Open-Source Tools

Production-ready utilities for mobile security work. Designed for Termux and ARM64, tested on real devices.

TERMUX-FIXER

ACTIVE

Auto-repair for broken Termux environments.

  • Repairs broken $PREFIX and package database
  • Restores default repositories and GPG keys
  • Fixes common permission and symlink issues
  • Non-destructive, idempotent recovery scripts
bashtermuxrepairandroid
View on GitHub

KALI-TERMUX-PRO

ACTIVE

Full Kali Linux userland inside Termux — no root.

  • Complete Kali toolset via proot-distro
  • Persistent home, apt, and systemd-shim
  • VNC and GUI support for mobile
  • Optimized for ARM64 and low RAM
kalinethunterprootarm64
View on GitHub

WRAITH-SCANNER

ACTIVE

Lightweight network discovery for mobile.

  • Fast ARP and TCP SYN host discovery
  • Service fingerprinting with minimal battery
  • JSON/CSV export for reporting
  • Built for Termux, no root required
scannernetworkreconmobile
View on GitHub

KALI_CRITIC

ACTIVE

Real-time output analysis for Kali Linux.

  • Parses nmap, gobuster, sqlmap output live
  • Suggests next steps and flags misconfigs
  • Local-first analysis, optional LLM assist
  • Designed for mobile terminal workflows
analysisautomationkalicli
View on GitHub

Research & Disclosures

Independent red teaming focused on AI safety and mobile attack surface.

RES-2025-001 · AI Safety · Published 2025

Gemini 2.5 Pro — Safety Alignment Bypass via Kernel Exploit Generation

A controlled red-team exercise demonstrating inconsistent safety guardrails across frontier LLMs when prompted for exploit development against a known Linux kernel vulnerability.

Finding Summary

Google Gemini 2.5 Pro generated a complete, functional proof-of-concept exploit for CVE-2023-32233 — a high-severity use-after-free in the Linux kernel nf_tables subsystem — in response to a direct technical prompt. The output included kernel memory manipulation primitives, namespace setup, and trigger logic consistent with public writeups.

Under identical prompting conditions, OpenAI GPT-4o, Anthropic Claude 3.5 Sonnet, and Meta Llama 3 all refused to comply, citing safety policies against facilitating cyberattacks.

Model Comparison Matrix

ModelPrompt TypeResponseOutput
Gemini 2.5 ProDirect exploit requestGenerated exploitFull C code for CVE-2023-32233
ChatGPT-4oDirect exploit requestRefusedSafety policy block
Claude 3.5 SonnetDirect exploit requestRefusedSafety policy block
Llama 3 70BDirect exploit requestRefusedSafety policy block

Methodology

Testing was conducted in an isolated lab with no internet-connected targets. Prompts requested a "proof-of-concept for educational research" for CVE-2023-32233. No jailbreaks, obfuscation, or multi-turn manipulation were used. Outputs were validated against public exploit techniques but never executed against production systems.

Disclosure Timeline

  • Filed: Google IssueTracker #889286 (AI Safety)
  • Vendor Response: Marked as "Won't Fix (Intended Behavior) – Out of Scope"
  • Public Action: Full technical documentation and reproduction steps published for transparency
  • Repository: github.com/Destawell/gemini-2.5-pro-nf-tables-red-teaming
Ethics Statement: All research adheres to responsible disclosure principles. No weaponized code was distributed. Findings are published to improve model safety alignment and inform defensive work. Testing was limited to local VMs in a controlled environment.

About Destawell

Independent research lab founded in 2025, building security tooling for the next billion mobile researchers.

NR

Niranj R. Mahaswar

Founder · Lead Security Researcher

Mobile pentesting, ARM64 tooling, and LLM red teaming. Focused on making advanced security capabilities accessible on Android without root. Cisco Certified: Ethical Hacker, CyberOps, Networking.

@Niranj-coder
S

Shifana

Co-Founder · Brand & Community

Leads documentation, community programs, and research publishing. Ensures tools are accessible, well-documented, and built with researchers in India and globally in mind.

"The gap between desktop security tooling and mobile environments is massive."

Destawell was created to close it. Most security labs assume x86 desktops, unlimited power, and root access. We design for Termux on a phone in a hostel room — where the next generation of researchers actually learn.

Mobile-first: Everything runs on ARM64 Android, no root required.
Open by default: MIT-licensed, documented, reproducible.
Safety focused: We publish red-team findings to improve alignment, not to harm.

Contact

For collaborations, disclosures, or tool support.

Email

niranjmaheswar0@gmail.com

GitHub

github.com/Destawell

DEV

dev.to/destawell

Hashnode

destawell.hashnode.dev

Instagram

@destawell_off
Security Disclosures: If you have found a vulnerability in our tools, please email us directly. We operate a 90-day coordinated disclosure policy and credit researchers in our advisories.

Organization Details

OrganisationDestawell Research
LocationIndia
Founded2025
TypeIndependent Research Brand
StatusOperational
Response Time2-4 business days