ai-threat-testing
AI Threat Testing
Test LLM applications for OWASP LLM Top 10 vulnerabilities using 10 specialized agents. Use for authorized AI security assessments.
Quick Start
1. Specify target (LLM app URL, API endpoint, or local model)
2. Select scope: Full OWASP Top 10 | Specific vulnerability | Supply chain
3. Agents deploy, test, capture evidence
4. Professional report with PoCs generated
Primary Agents
Each agent targets one OWASP LLM vulnerability:
- Prompt Injection (LLM01): Direct/indirect injection, system prompt extraction
- Output Handling (LLM02): Code/XSS injection, unsafe deserialization
More from transilienceai/communitytools
hackerone
HackerOne bug bounty automation - parses scope CSVs, deploys parallel pentesting agents per asset, validates PoCs, and generates platform-ready submission reports.
59reconnaissance
Domain assessment and web application mapping - subdomain discovery, port scanning, endpoint enumeration, API discovery, and attack surface analysis.
47social-engineering
Social engineering testing - phishing, pretexting, vishing, and physical security assessment techniques.
45osint
Open-source intelligence gathering - company repository enumeration, secret scanning, git history analysis, employee footprint, and code exposure discovery.
43source-code-scanning
Security-focused source code review and SAST. Scans for vulnerabilities (OWASP Top 10, CWE Top 25), CVEs in third-party dependencies/packages, hardcoded secrets, malicious code, and insecure patterns. Use when given source code, a repo path, or asked to "audit", "scan", "review" code security, or "check dependencies for CVEs".
42web-app-logic
Web application logic testing - business logic flaws, race conditions, access control, cache poisoning/deception, and information disclosure.
41