Test Your Live AI
Before Attackers Do
Real attack simulations against your production AI endpoints
22+ attack categories, 500+ templates covering prompt injection, jailbreak, PII leakage, RAG poisoning, agent attacks, and more. Audit-grade evidence for compliance teams.
Static Scans Miss Runtime Attacks
Code analysis tells you what could go wrong. Runtime testing tells you what actually gets through your defenses today.
Traditional Pen Testing
- Quarterly or annual — not continuous
- Manual, expensive, slow to deliver results
- No coverage for AI-specific attacks
- Results stale by next deployment
HAIEC Runtime Security Scanner
- On-demand and continuous — test any time
- Automated, results in minutes, not weeks
- 22+ AI-native attack categories, 500+ templates
- Run after every deploy to stay current
What We Test
22+ attack categories, 500+ templates drawn from OWASP LLM Top 10, real-world incidents, and original HAIEC research
Prompt Injection
CriticalDirect and indirect prompt injection attacks that override system instructions or inject malicious commands
Jailbreak
CriticalAttempts to bypass safety guardrails and make the AI generate restricted or harmful content
Role Confusion
HighManipulating the AI into assuming unauthorized roles (DAN, developer mode, etc.)
Context Injection
HighInjecting false facts, policies, or instructions into the conversation context
Extraction / System Prompt Leak
HighExtracting confidential system prompts, internal instructions, or proprietary knowledge
Tool Forcing
CriticalForcing unauthorized tool or function calls, code execution, or privileged operations
PII Leakage
CriticalMaking the AI reveal personally identifiable information, training data, or user records
Toxicity
HighProvoking the AI to generate offensive, hateful, or harmful content via adversarial prompting
Bias Exploitation
HighExploiting AI biases to generate discriminatory outputs or unfair decisions
DoS / Context Overflow
MediumExtremely long inputs designed to cause context overflow, latency spikes, or denial of service
Multimodal Attacks
HighCross-modal injection via images, audio, or documents that embed attack payloads
Data Exfiltration
CriticalIndirect data exfiltration via markdown links, webhooks, or encoded outputs
RAG Poisoning
CriticalExploiting retrieval-augmented generation pipelines via poisoned documents or metadata injection
Agent Attacks
CriticalMulti-step manipulation of AI agents to chain unauthorized tool calls or escalate privileges
Goal Hijacking
HighRedirecting the AI's primary objective to serve attacker goals or abandon its intended task
Encoding Bypass
HighUsing Base64, Unicode, ROT13, or other encodings to bypass content safety filters
Cost Explosion
MediumCrafted inputs designed to maximize token usage and inflate API costs unsustainably
Chatbot Manipulation
MediumGradual multi-turn manipulation that shifts chatbot behavior across a conversation session
Conversation Hijacking
HighInjecting content that seizes control of another user's conversation or cross-contaminates sessions
Brand Safety
MediumCoercing the AI to generate off-brand, controversial, or reputationally damaging content
Hallucination Exploit
MediumExploiting AI hallucinations to generate false but authoritative-sounding misinformation
Compliance Bypass
CriticalTricking the AI into violating regulatory requirements or legal constraints it should enforce
Social Engineering
HighPsychological manipulation (urgency, authority, sympathy) to bypass AI safety measures
How It Works
From endpoint registration to audit-grade report in five steps
Register Your Endpoint
Provide your AI endpoint URL and authentication details. Localhost works immediately — no verification needed. Production endpoints require domain verification (DNS TXT, meta-tag, or file-based).
Supports REST APIs, OpenAI-compatible chat/completions format, LangChain, and custom protocols.
Select Attack Profile
Choose from 22+ attack categories and 500+ templates. Optionally configure a scan profile (VOICE, AGENTIC, EMBEDDED_SAAS, RAG, AI_ASSISTED_DEV) to run profile-appropriate attack variants.
Templates are sourced from OWASP LLM Top 10, real-world incident reports, and original HAIEC research.
Live Attack Simulation
Our Modal-powered engine sends safe, non-destructive attack payloads to your endpoint in real time. Every request and response is captured and timestamped as cryptographic evidence.
Tests run in isolated execution contexts. No attack payload ever touches your database or filesystem.
AI-Graded Results
Each response is evaluated by a safety scorer to detect whether the attack succeeded. Findings are classified by severity (CRITICAL, HIGH, MEDIUM, LOW) and attack category.
Safety scoring uses multi-signal detection: pattern matching, semantic analysis, and structural violation checks.
Audit-Grade Report
Get an executive report with risk score, findings breakdown, prioritized recommendations, and an integrity hash proving the report has not been altered since generation.
Export as PDF, HTML, or JSON. Reports include compliance mapping appendix for auditor submission.
Any AI Endpoint, Any Stack
If it accepts HTTP POST with a user message and returns AI output, we can test it
AI Chatbots
Customer-facing chat windows, support bots, onboarding assistants
OpenAI / Anthropic Wrappers
Any API route that proxies or wraps GPT, Claude, Gemini, or other LLMs
RAG Applications
LangChain, LlamaIndex, vector-store-backed Q&A systems
AI Agents
Autonomous agents with tool access, code execution, or external API calls
Attack Flow Architecture
Every request/response pair is captured as timestamped evidence. Report integrity is verified with SHA-256 hash.
Why HAIEC Runtime Security
Purpose-built for AI systems — not a generic pen testing tool
Minutes to First Test
Point at any HTTP AI endpoint. No instrumentation, no SDK changes, no code deployment.
Compliance Evidence
Audit-grade reports with integrity hash, test evidence, and mappings to OWASP, SOC 2, GDPR, HIPAA, EU AI Act.
Continuous Monitoring
Schedule recurring tests and get alerted when new vulnerabilities are detected between deployments.
CI/CD Ready
Trigger tests from your pipeline. Block deploys if critical vulnerabilities are found.
Compliance-Ready Evidence
Every test generates findings mapped to applicable regulatory frameworks