A production-grade offensive AI security platform for testing LLMs against real-world attack vectors.
RedVector AI is a full-stack AI red teaming platform built for offensive security engineers, penetration testers, and AI security researchers. It provides a structured, professional workflow for discovering, analyzing, and reporting vulnerabilities in Large Language Model (LLM) deployments.
The platform executes real attacks against live AI endpoints, analyzes responses using a multi-detector engine, maps findings to OWASP LLM Top 10 and MITRE ATLAS, and generates enterprise-grade security reports.
Dashboard, Scan Center with live terminal feed, Attack Chain Explorer, Threat Intelligence, Evidence Vault
- Real Attack Execution — Live payload delivery against OpenAI, Gemini, and custom endpoints
- 10 Attack Categories — Prompt injection, jailbreak, system prompt extraction, data leakage, role bypass, unsafe output, instruction override, toxic output, malicious payload, insecure tool use
- 60+ Attack Payloads — Curated library including DAN variants, indirect injection, encoded payloads, multi-turn sequences
- Adaptive Payload Engine — Escalation payloads based on partial compliance, stealth encoding, mutation variants
- Multi-Turn Attack Execution — Gradual trust-building, roleplay escalation, context poisoning sequences
- RAG Security Testing — Retrieval poisoning, context extraction, cross-document injection
- AI Agent Security Testing — Excessive agency, tool misuse, permission escalation (OWASP LLM08)
- Jailbreak Detector — DAN patterns, roleplay overrides, hypothetical framing, harmful content generation
- Leakage Detector — System prompt extraction, PII exposure, credential leakage, internal reference disclosure
- Instruction Override Detector — Compliance patterns, role abandonment, injected task execution
- Unsafe Code Detector — Malware patterns, exploit code, dangerous shell commands, credential-stealing logic
- Toxicity Detector — Hate speech, violence instructions, self-harm content, dangerous synthesis
- CVSS-Inspired Scoring — Confidence-adjusted severity scoring with exploitability and impact metrics
- Attack Chain Explorer — Interactive multi-stage attack visualization with expandable evidence panels
- Threat Intelligence Dashboard — OWASP distribution, provider heatmaps, attack trend analytics
- Evidence Vault — Captured payloads, raw AI responses, execution metadata with syntax highlighting
- Enterprise Report Generation — Executive summaries, technical findings, OWASP mapping, remediation plans
- Export Formats — Markdown (pentest-style), JSON
- Contextual Remediation Engine — Provider-specific guidance, secure prompt patterns, prioritized action plans
- Live Activity Feed — Real-time offensive testing events with streaming animations
- Command Palette — ⌘K global search and navigation (Linear/Raycast-inspired)
- WebSocket Architecture — Real-time scan progress and vulnerability discovery
- Premium Dark UI — Modern SaaS design system with glassmorphism, skeleton loading, microinteractions
RedVector AI/
├── frontend/ # React 19 + Vite + TailwindCSS v4
│ └── src/
│ ├── api/ # Axios API clients
│ ├── components/
│ │ ├── layout/ # Sidebar, Navbar, Layout
│ │ └── ui/ # Design system components
│ └── pages/
│ ├── Dashboard/ # Metrics, risk overview, recent activity
│ ├── ScanCenter/ # Scan config + live terminal feed
│ ├── Findings/ # Investigation workspaces with tabbed evidence
│ ├── AttackChain/ # Multi-stage attack visualization
│ ├── ThreatIntelligence/ # Analytics, heatmaps, trends
│ ├── ActivityFeed/ # Real-time offensive activity stream
│ ├── EvidenceVault/ # Captured attack evidence
│ ├── Payloads/ # Payload library browser
│ ├── Reports/ # Report generation and export
│ ├── Settings/ # API keys and platform config
│ └── Landing/ # Public landing page
│
└── backend/ # Node.js + Express.js
└── src/
├── analyzer/ # Detection engines (jailbreak, leakage, toxicity, etc.)
├── advanced-attacks/ # RAG testing, agent testing, multi-turn, adaptive payloads
├── config/ # Provider configuration
├── controllers/ # Request handlers
├── engine/ # Attack runner orchestrator
├── integrations/ # OpenAI + Gemini clients + provider manager
├── middleware/ # Rate limiting, sanitization, error handling
├── models/ # MongoDB schemas (Scan, Vulnerability, Payload, Report)
├── payloads/ # Static payload library JSON
├── remediation/ # Contextual remediation engine + mitigation library
├── reporting/ # Report generator, executive summary, exporter
└── routes/ # Express route definitions
| Layer | Technology |
|---|---|
| Frontend | React 19, Vite, TailwindCSS v4, React Router v7 |
| HTTP Client | Axios |
| Backend | Node.js, Express.js |
| Database | MongoDB + Mongoose |
| Real-time | Socket.IO |
| AI Providers | OpenAI API, Google Gemini API |
| Security | Helmet, express-rate-limit, input sanitization |
| Icons | Lucide React |
- Node.js v18+
- MongoDB (local or Atlas)
- OpenAI or Gemini API key
git clone https://github.com/yourname/redvector-ai.git
cd redvector-aicd backend
cp .env.example .env
# Edit .env — set MONGODB_URI, OPENAI_API_KEY, GEMINI_API_KEY
npm install
npm run dev
# API: http://localhost:5000cd frontend
npm install
npm run dev
# UI: http://localhost:5173- Open
http://localhost:5173 - Go to Settings → add your OpenAI or Gemini API key
- Go to Scan Center → configure target and attack categories
- Click Launch Scan and watch the live terminal feed
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/v1/health |
Health check |
| POST | /api/v1/scan/start |
Start a scan |
| GET | /api/v1/scan/history |
Paginated scan history |
| GET | /api/v1/scan/stats |
Dashboard statistics |
| GET | /api/v1/findings |
List vulnerability findings |
| PATCH | /api/v1/findings/:id/status |
Update finding status |
| GET | /api/v1/payloads/library |
Static payload library |
| POST | /api/v1/reports/generate |
Generate a report |
| GET | /api/v1/reports/:scanId/export |
Export report (markdown/json) |
| GET | /api/v1/remediation/finding/:id |
Get contextual remediation |
| GET | /api/v1/providers/status |
Provider configuration status |
| Concept | OWASP LLM | MITRE ATLAS |
|---|---|---|
| Prompt Injection | LLM01 | AML.T0051 |
| Jailbreaking | LLM01 | AML.T0054 |
| System Prompt Extraction | LLM07 | AML.T0056 |
| Sensitive Data Disclosure | LLM02 | AML.T0057 |
| Excessive Agency | LLM08 | AML.T0053 |
| Data & Model Poisoning | LLM04 | AML.T0051 |
| Insecure Plugin Design | LLM06 | AML.T0053 |
| Misinformation | LLM09 | AML.T0048 |
- Authentication & RBAC
- Multi-user collaboration
- PDF report export (headless browser)
- CI/CD pipeline integration
- Browser extension for in-browser testing
- Automated compliance scanning (SOC2, ISO27001)
- AI model benchmarking suite
- Cloud-native deployment (Docker + K8s)
- Enterprise API with webhooks
- Custom payload builder UI
• Built RedVector AI — a full-stack AI red teaming platform using React, Node.js, and MongoDB
that executes real attacks against OpenAI/Gemini endpoints and detects 10+ vulnerability classes
• Implemented multi-detector response analysis engine covering jailbreak detection, system prompt
extraction, PII leakage, unsafe code generation, and instruction override with CVSS-inspired scoring
• Mapped all findings to OWASP LLM Top 10 and MITRE ATLAS; generated enterprise-grade pentest
reports with executive summaries, remediation plans, and Markdown/JSON export
• Designed attack chain visualization, threat intelligence analytics, and live WebSocket-powered
activity feed for real-time offensive testing workflows
• Engineered adaptive payload engine with multi-turn jailbreak sequences, RAG security testing,
and AI agent security testing (OWASP LLM08 — Excessive Agency)
RedVector AI is intended for authorized security testing only. Only use this platform against AI systems you own or have explicit written permission to test. Unauthorized testing may violate terms of service and applicable laws.
MIT — see LICENSE