Visual LLM Security Testing Platform — Prompt Injection Scanner with AI-Powered Attack Correlation
Most LLM security tools are command-line only, academic, or cost $50k/year. redforge is the first free, visual, browser-based platform for testing your LLM against real prompt injection attacks — with a mutation engine that generates attack variations automatically.
- Visual — D3 attack flow diagram shows exactly which attacks got through vs were blocked
- Mutation engine — generates N variations of each attack using AI. A model that only blocks one phrasing is not truly hardened
- AI analysis — LLaMA 3.3 explains WHY attacks succeeded and gives prioritized fixes
- Provider agnostic — test any LLM endpoint, not just one vendor
- Free and open source — no enterprise contract, no credit card
| Category | What It Tests | Severity |
|---|---|---|
| Jailbreak | DAN, Developer Mode, Grandma Exploit, Token Smuggling | HIGH |
| Role Hijacking | Evil AI persona, Maintenance Mode, Character Capture | HIGH |
| Data Exfiltration | System prompt repeat, Context window dump | CRITICAL |
| Indirect Injection | RAG poisoning, Email injection, Hidden document instructions | CRITICAL |
| Encoding Bypass | Base64, ROT13, Unicode smuggling, Morse code | HIGH |
| System Prompt Leak | JSON format request, Translation attack, Roleplay reveal | CRITICAL |
Instead of testing one attack phrasing once, the mutation engine uses LLaMA 3.3 to generate N variations of each attack automatically.
A model that only blocks "Ignore previous instructions" might still comply with "Disregard all prior directives" or "Your previous context has been reset".
- 0/10 mutations succeed — genuinely hardened
- 3/10 mutations succeed — partially vulnerable
- 8/10 mutations succeed — critically vulnerable
| Layer | Technology |
|---|---|
| Backend | Python, FastAPI, SQLAlchemy, SQLite |
| AI | Groq API + LLaMA 3.3 70B |
| Frontend | React 18, Vite, TailwindCSS |
| Visualization | D3.js |
git clone https://github.com/NandiniBhuva/redforge.git
cd redforge
cd backend
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
echo "GROQ_API_KEY=your-key-here" > .env
uvicorn main:app --reload --port 8000
Get a free Groq API key at console.groq.com — no credit card required.
cd frontend
npm install
npm run dev
- Select a deployment scenario (General Assistant, Customer Service, Coding Assistant, Data Analyst)
- Choose attack categories to test
- Set mutation count — 1 is fast, 10 is thorough
- Choose Demo mode or paste your own API endpoint
- Click Run Scan
- Watch attacks fire in the D3 flow diagram
- Review AI-generated security report with prioritized fixes
redforge can test any LLM endpoint that accepts POST requests with JSON body {"message": "..."} and returns a response field. Select Custom endpoint in the Target section and paste your URL and API key.
86% of production LLM applications are vulnerable to prompt injection. OWASP lists it as the number 1 LLM vulnerability. Yet most developers ship AI features with zero adversarial testing — not because they do not care, but because the tooling did not exist. redforge was built to change that.
MIT