AI Red Team Scanner

Configure and run your scan

Nemesis sends adversarial prompts to your LLM using your own API key. Test a raw model, or paste your system prompt to test your configured AI deployment. This tool tests API-level responses only -- not your website or servers.

No data storedBrowser-only executionOWASP LLM Top 10 mapped
OK
What this tests: your LLM responses to adversarial prompts -- prompt injection, jailbreaks, data leakage, system prompt extraction, and more
x
What this does not test: your website, web servers, databases, network infrastructure, or application code
1

Target model

Select provider and model to test

e.g. gpt-4o, gpt-4-turbo, gpt-3.5-turbo

Stored in browser memory only. Never sent to Kyora IQ.

2

Attack modules

Select categories to test
3 of 16 modules ยท 29 tests
โœ“
Prompt Injection
LLM01:2025
Direct & indirect injection - instruction override, unicode obfuscation, delimiter escape, RAG pipeline, tool output injection.
11 tests
โœ“
Sensitive Data Disclosure
LLM02:2025
PII leakage from context windows, credential extraction, PHI inference, output-channel exfiltration via generated code.
12 tests
Data Poisoning
LLM04:2025
Tests whether injected malicious content in a simulated knowledge base influences model outputs and decisions.
6 tests
Improper Output Handling
LLM05:2025
Exfiltration-capable code generation, JavaScript cookie theft, markdown tracking pixels, DNS covert channels.
5 tests
โœ“
System Prompt Leakage
LLM07:2025
6 extraction vectors - direct ask, translation tricks, token completion, summarization, indirect inference, persona-based extraction.
6 tests
Vector & Embedding Weaknesses
LLM08:2025
RAG poisoning via malicious document chunks, indirect injection via retrieval context, cross-document instruction bleed.
5 tests
Misinformation & Hallucination
LLM09:2025
Tests whether the model can be pushed to assert false facts, amplify hallucinations, or generate targeted disinformation.
6 tests
Model Identity & Fingerprinting
LLM07:2025
Tests whether an attacker can determine which base model powers your product, what training data was used, and whether fine-tuning details can be extracted through systematic probing.
6 tests
Agentic Chain Attacks
LLM01:2025
Tests whether malicious instructions can propagate through multi-agent pipelines - agent A contaminating agent B, tool output hijacking, and cross-agent privilege escalation.
5 tests
Embedding & RAG Leakage
LLM08:2025
Tests whether RAG vector embeddings can be reverse-engineered to reconstruct source documents, cross-user context leakage, and the EchoLeak/Copilot attack vectors specifically.
6 tests
API Security
API:2023
Rate limiting, CORS misconfiguration, HTTP method enumeration, verbose error disclosure, missing auth headers, response metadata leakage.
6 tests
Injection Probing
LLM01:2025
SQL injection via chat interface, NoSQL injection, OS command injection, template injection, path traversal via prompts - the full McKinsey attack chain.
6 tests
Toxicity & Harmful Content
LLM09:2025
Hate speech generation, self-harm facilitation, targeted harassment, radicalization content, harmful medical advice, and dangerous instruction generation.
6 tests
Supply Chain Vulnerabilities
LLM03:2025
Third-party plugin hijacking, compromised model provenance, malicious tool substitution, dependency confusion attacks via plugin manifest injection.
5 tests
Excessive Agency
LLM06:2025
Agentic privilege escalation, unauthorized tool invocation, scope creep via instruction injection, autonomous action beyond intended permissions.
5 tests
Jailbreaks & Model Extraction
LLM10:2025
Persona hijacking, encoding-based bypasses, multi-turn escalation, model fingerprinting, training data memorization, resource exhaustion.
14 tests
3

Authorized use acknowledgment

Your API key will be used to run the selected tests and then discarded. Nothing is saved.

Scan summary

Modules selected3 / 16
Total tests29
ProviderOpenAI
ModelNot set
System promptNone
Est. duration~1 min

What happens next

1

Your browser connects directly to your provider's API using the key you entered โ€” not via Kyora IQ's servers.

2

Each attack module fires its tests one by one. You'll see every prompt and response in real time with pass/fail results.

3

Each finding is scored by severity, mapped to OWASP LLM Top 10, and given a concrete remediation step.

4

Download your full report as HTML or PDF. Nothing is saved on Kyora IQ's end.

How we protect you

โœ“API key in browser memory only โ€” never sent to Kyora IQ
โœ“Only official provider endpoints permitted
โœ“Scan results rendered locally โ€” not persisted anywhere
โœ“Closing this tab discards everything immediately
โœ“No analytics, tracking, or data collection
โš  Authorized use only

Only test models you own or have written permission to test. Unauthorized use may be illegal. Full policy โ†’