The Problem
NetHunter is solid, but it's still Android underneath. You inherit the vendor blob stack, the Google services layer, and a UI that wasn't designed for launching msfconsole or aircrack-ng quickly. We wanted bare-metal Linux on handset hardware — but then we realized we didn't want Linux either.
The Kernel
The Crimson kernel is small enough to audit. Every syscall, every driver, every interrupt handler is ours. When you're carrying tools that probe other people's networks, you want to know exactly what's running on your own silicon.
Boot sequence on Pi 5: power-on → kernel init → framebuffer setup → GUI shell ready in <3 seconds. No initrd, no systemd, no module autoloading.
The GUI Shell
Direct framebuffer render loop. No compositor, no Wayland, no SurfaceFlinger. We draw every pixel. iOS-style app grid with dock, edge-swipe navigation panels, lock screen with PIN auth, crimson boot splash.
The tool launcher ("Excalibur") surfaces 140+ security tools across 12 categories. Each tool gets a parameter panel — toggles, dropdowns, input fields.
The HAL
Hardware Abstraction Layer talks directly to USB/UART devices. HackRF, Flipper, Proxmark — the GUI knows when hardware is attached because the HAL tells it.
Developer Platform
Because we own the userspace, we're building an app store where developers publish open-source software, set their own prices, and collect directly. No 30% platform tax, no gatekeeper approval for security tools that Apple or Google would reject.
Current Status
Kernel boots, GUI runs, tools integrate, RF HAL works. Moving to handset hardware for boot testing. Seeking bare-metal bring-up war stories.
Repo: https://github.com/synchancybersecurity/CrimsonOS License: Apache 2.0, SynChanCyberSecurity