Open source · MIT licensed

Pentest your AI, code, and supply chain with autonomous agents

Five commands. Four AI agents. Scan LLM endpoints, audit npm packages, review source code, test MCP servers — then prove every finding is exploitable.

npx nightfang scan --target https://your-app.com/api/chat

One toolkit. Five attack surfaces.

From LLM endpoints to npm packages to git repos — nightfang finds what scanners miss.

LLM Endpoints

ChatGPT, Claude, Llama APIs, custom chatbots

MCP Servers

Tool schemas, validation, auth, poisoning

npm Packages

Supply chain, malicious code, dependency risk

Source Code

Local repos, GitHub URLs, deep AI audit

Web Apps

AI copilots, RAG pipelines, agent APIs

Five commands. Full coverage.

Each command is purpose-built for a different attack surface. Zero config, instant results.

scan

Probe LLM endpoints & MCP servers

Discovers vulnerabilities in AI endpoints with 47+ test cases across prompt injection, jailbreaks, tool poisoning, data exfiltration, and more. Supports probe, deep, and MCP modes.

--mode probe|deep|mcp --depth quick|default|deep --agentic
npx nightfang scan --target <url>
audit

Audit npm packages for malicious code

Installs a package in a sandbox, runs semgrep static analysis plus AI-powered code review. Catches supply chain attacks, backdoors, and dependency vulnerabilities.

--version <ver> --depth quick|default|deep
npx nightfang audit <package>
review

Deep security audit of source code

Security-focused code review of local repos or GitHub URLs. Multiple AI runtimes analyze your entire codebase and output SARIF, Markdown, and JSON reports.

--runtime api|claude|codex|gemini|auto --depth quick|default|deep
npx nightfang review <repo>
findings

Query and inspect verified findings

Filter findings by severity, category, and status. Inspect individual findings with full evidence chains and proof artifacts. Track the lifecycle from discovered to confirmed.

list --severity critical show NF-001
npx nightfang findings list
history

Browse past scan results

Query the local SQLite database for previous scans. See status, depth, findings count, and duration for every run. Track your security posture over time.

--limit 20 --db-path ./custom.db
npx nightfang history

One command, zero config

No YAML files. No Python environments. Just npx nightfang scan and you're running.

Zero false positives

Every finding is re-exploited with proof before it hits the report. No more triaging 200 "possible prompt injections."

$0.05 per CI scan

Quick scans in under a minute. Deep audits for $1. Cheaper than one hour of manual pentesting.

Four agents. One pipeline.

Each agent is specialized for a phase of the security audit. They work in sequence, building on each other's output.

DISCOVER (Recon) → ATTACK (Offense) → VERIFY (Validate) → REPORT (Output)

01 · Discover

Recon

Maps endpoints, model cards, system prompts, MCP tool schemas, and auth flows.

• API surface mapping
• System prompt extraction
• MCP tool enumeration
02 · Attack

Offense

Runs prompt injection, jailbreaks, tool poisoning, data exfiltration, and more.

• 47+ test cases
• OWASP LLM Top 10
• 6 attack categories
03 · Verify

Validation

Re-exploits each finding to eliminate false positives. Captures proof artifacts.

• Re-exploitation
• Proof capture
• Confidence scoring
04 · Report

Output

Generates SARIF, Markdown, and JSON reports with severity and remediation.

• SARIF for GitHub Security tab
• Markdown reports
• Remediation guidance

OWASP LLM Top 10 coverage

8 out of 10 categories covered. The most comprehensive open-source coverage available.

LLM01 Prompt Injection
LLM02 Insecure Output Handling
LLM03 Training Data Poisoning
LLM04 Model Denial of Service
LLM05 Supply Chain Vulns
LLM06 Sensitive Info Disclosure
LLM07 Insecure Plugin Design
LLM08 Excessive Agency
LLM09 Overreliance
LLM10 Model Theft

How it compares

The only open-source tool with autonomous multi-agent testing, verification, and full-stack coverage.

Feature Nightfang promptfoo garak nuclei Semgrep
Autonomous multi-agent 4 agents
Verification (no false positives) Re-exploits
LLM endpoint scanning
MCP server security
npm package audit Rules
Source code review AI-powered Rules
Web/API scanning
OWASP LLM Top 10 8/10 Partial Partial
Zero config npx YAML Python Templates Config
Open source MIT OpenAI OSS MIT LGPL

Drops into your CI/CD

Findings show up directly in GitHub's Security tab.

.github/workflows/nightfang.yml
name: AI Security Scan
on: [push, pull_request]

jobs:
  nightfang:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Nightfang
        uses: peaktwilight/nightfang-action@v1
        with:
          target: ${{ secrets.STAGING_API_URL }}
      - name: Upload SARIF
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: nightfang-report/report.sarif
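
A gate that a later CI step could run on the SARIF file the workflow above uploads, as an added example that is not Nightfang's code. It assumes the report populates the standard SARIF 2.1.0 fields `level`, `ruleId`/`ruleIndex` and `tool.driver.rules[].defaultConfiguration.level`; the sample log, tool name and rule ids are constructed.

```javascript
// Added example, not Nightfang's code: decide pass/fail from a SARIF 2.1.0 log.
// Levels from lowest to highest severity.
const LEVELS = ["none", "note", "warning", "error"];

// A result may name its rule by ruleIndex or ruleId; with no explicit level it
// inherits the rule's defaultConfiguration.level, else "warning" (SARIF default).
function resolve(result, rules) {
  const rule = rules[result.ruleIndex] ?? rules.find((r) => r.id === result.ruleId);
  const level = result.level ?? rule?.defaultConfiguration?.level ?? "warning";
  return { id: result.ruleId ?? rule?.id ?? "unknown", level };
}

// Returns { counts, blocking, pass } for a parsed SARIF log.
function gateSarif(sarif, failOn = "error") {
  const threshold = LEVELS.indexOf(failOn);
  if (threshold < 0) throw new Error(`unknown level: ${failOn}`);
  if (!Array.isArray(sarif?.runs)) throw new Error("not a SARIF log");
  const counts = { none: 0, note: 0, warning: 0, error: 0 };
  const blocking = [];
  for (const run of sarif.runs) {
    const rules = run.tool?.driver?.rules ?? [];
    for (const result of run.results ?? []) {
      const { id, level } = resolve(result, rules);
      if (!LEVELS.includes(level)) throw new Error(`invalid level: ${level}`);
      counts[level] += 1;
      if (LEVELS.indexOf(level) >= threshold) blocking.push(id);
    }
  }
  return { counts, blocking, pass: blocking.length === 0 };
}

// Constructed sample log; tool name, rule ids and messages are made up.
const SAMPLE = {
  version: "2.1.0",
  runs: [{
    tool: { driver: { name: "example-scanner", rules: [
      { id: "EX-001", defaultConfiguration: { level: "error" } },
      { id: "EX-002" },
    ] } },
    results: [
      { ruleId: "EX-001", message: { text: "injection confirmed" } }, // inherits error
      { ruleId: "EX-002", message: { text: "verbose errors" } },      // defaults to warning
      { ruleIndex: 0, level: "note", message: { text: "informational" } },
    ],
  }],
};

const verdict = gateSarif(SAMPLE);
console.log(verdict.counts, verdict.blocking, verdict.pass ? "PASS" : "FAIL");
```

In a workflow step, pass the `JSON.parse`d contents of `nightfang-report/report.sarif` to `gateSarif` and exit non-zero when `pass` is false.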

Costs less than coffee

AI-powered security testing at a fraction of manual pentesting costs.

Quick · $0.05 · ~15 tests · 1 min · Perfect for CI
Default (popular) · $0.15 · ~50 tests · 3 min · Balanced coverage
Deep · $1.00 · ~150 tests · 10 min · Pre-launch audit

Built by a security researcher

Created by a researcher with 7 published CVEs across node-forge, uptime-kuma, liquidjs, picomatch, and jspdf, who is also the creator of OpenSOAR and PhishMind.


Stop guessing.
Start proving.

Five commands. Real vulnerabilities. Proof of exploitability.

npx nightfang scan --target <url>