Metasploit for AI · Open source

Ship AI you can trust.

KavachRT is the open-source AI red-team framework. An autonomous operator attacks your LLM or AI system, adapts as it finds weaknesses, and returns a reproducible security score and go/no-go — before you ship.

Launching soon · AI Red Teaming, automated. · pip install kavachrt

One command. An autonomous red-team operator that finds, escalates, and scores AI vulnerabilities — reproducibly.

Why KavachRT

Not another scanner. An operator.

Anyone can run a probe once. KavachRT reasons over the results and escalates — the way a human red-teamer would, at machine speed.

🧠

Agentic, not static

An LLM orchestrator plans attacks, detects weaknesses, mutates its strategy, and re-attacks in a governed feedback loop — not a fixed pipeline.

🧩

Open core, like Metasploit

A genuinely powerful free Framework — console, modules, and the full agentic loop. Pro adds scale, collaboration, and compliance.

🎯

Test any LLM

A LiteLLM-backed target layer attacks hosted APIs and self-hosted models (Ollama, vLLM) alike. Bring your own model.

📊

Reproducible scoring

The 0–100 security score and go/no-go are computed deterministically — defensible enough to gate a CI pipeline.

🗺️

Standards-mapped

Every finding maps to the OWASP LLM Top 10 and MITRE ATLAS — comparable, auditable, and ready for review.

🛡️

Responsible by design

Authorization gating, budget caps, redaction, and sandboxing are built in. For authorized testing only.

The feedback loop

How the operator works

The differentiator a static pipeline structurally can't match: it learns from each result and decides what to try next.

1. Initial scan: Baseline sweep across OWASP-LLM categories on your target.
2. Detect weakness: The orchestrator reads findings and spots what's exploitable.
3. Mutate strategy: It picks targeted, adaptive attacks and adjacent categories to probe.
4. Re-run targeted: Multi-turn attacks escalate against the weak spots.
5. Update scores: Deterministic re-scoring, then loop or decide go/no-go.

Governed by an explicit budget — max iterations · cost cap · convergence — so it always terminates.

Editions

Free framework. Commercial Pro.

Start with the open-source Framework. Upgrade to Pro when you need scale, teams, and compliance.

Open source
Free · AGPL-3.0
KavachRT Framework
  • Kavach Console (REPL + CLI)
  • The full agentic orchestrator & feedback loop
  • Module SDK + bundled attack modules
  • Test any LLM — hosted or self-hosted
  • Deterministic scoring + JSON/HTML reports
  • OWASP-LLM & MITRE ATLAS mapping

For enterprises
Contact · custom
KavachRT Pro
  • Everything in Framework, plus:
  • GUI, dashboards & rich reporting
  • Team collaboration, RBAC & SSO
  • Scheduled scans + hosted CI/CD gate
  • Compliance packs — GDPR, HIPAA, EU AI Act
  • Managed threat-feed modules & support/SLA

Red-team your AI before someone else does.

Get the open-source framework today, or talk to us about Pro for your team.

Get the framework · admin@mannatai.com