🔧 AI Security Testing Tools

Open-source LLM vulnerability scanner by NVIDIA. Probes for hallucinations, data leakage, prompt injection, toxicity, and jailbreaks with automated reporting.

Microsoft's open-source framework for AI red teaming. Automates attacks on LLM endpoints including jailbreaks, prompt extraction, and harmful content generation.

Open-source input/output scanner for LLM applications. Detects prompt injection, PII leakage, toxic outputs, and other security risks in real-time.

Self-hardening prompt injection detector with multi-layer defense. Uses heuristics, LLM-based analysis, and vector similarity to catch attacks.

Visual prompt injection testing tool that maps attack surfaces and identifies vulnerabilities through systematic prompt mutation and fuzzing.

Detects prompt injection via GitHub PR titles, issues, and comments targeting AI coding agents (Claude Code, Gemini CLI, Copilot Agent). Inspired by the April 2026 Johns Hopkins research.

Open-source automated red teaming framework for LLMs. Generates adversarial prompts, evaluates model responses, and produces security reports.

Commercial AI red teaming platform with automated adversarial testing, robustness evaluation, and compliance reporting for enterprise LLM deployments.

Microsoft's official AI red team resources and PyRIT framework. Includes attack libraries, evaluation datasets, and best practices for LLM security testing.

Enterprise-grade LLM security platform with real-time prompt injection detection, data loss prevention, and automated security assessments.

Security scanner for OpenClaw agent frameworks. Detects exposed instances, tool registry poisoning, gateway misconfigurations, and function-call injection risks.

Open-source debugging and security inspection tool for Model Context Protocol servers. Validates inputs, audits tool definitions, and tests for injection vectors.

Observability and security monitoring platform for AI agents. Tracks agent actions, detects anomalous behavior, and provides security audit trails.

Security scanner for Hermes Agent frameworks. Detects tool registry poisoning, function-call injection, Brainworm/C2-style attacks, and malicious skill patterns.

Collection of Burp Suite extensions for testing LLM-backed APIs. Includes prompt injection payloads, response analyzers, and API security test cases.

Official OWASP checklist for LLM application security testing. Structured test cases covering all 10 LLM risk categories with verification steps.

Open-source framework for evaluating language models on hundreds of benchmarks. Supports safety evaluations, truthfulness tests, and custom task creation.

Holistic Evaluation of Language Models by Stanford. Comprehensive benchmarking framework covering accuracy, calibration, robustness, fairness, and social bias.

Industry-standard AI safety benchmarking initiative. Provides standardized tests for hazardous capabilities, harmful outputs, and model alignment evaluation.