LLMBreaker is an enterprise-grade security testing framework designed to help organizations red-team their LLM-based APIs. Leveraging Google's Gemini AI as an expert security analyst, LLMBreaker automatically identifies critical vulnerabilities through a comprehensive suite of 8 specialized security tests, with results delivered in real-time via Server-Sent Events.

Large Language Model applications face unique and evolving security threats that traditional security tools are not equipped to handle:

• Jailbreak Attacks: Sophisticated prompt engineering techniques that bypass safety filters
• Prompt Injection: Malicious inputs that override system instructions and security controls
• Data Exposure: Unintended leakage of sensitive information including PII and API credentials
• Content Generation Risks: Production of biased, harmful, or inappropriate content
• System Compromise: Extraction of system prompts and internal configuration details

LLMBreaker provides automated, AI-powered security testing that integrates seamlessly into your development workflow:

• Zero Configuration: Test any API endpoint with a single cURL command
• AI-Driven Analysis: Google Gemini evaluates responses with expert-level security assessment
• Real-Time Streaming: Immediate feedback via Server-Sent Events as tests execute
• Actionable Intelligence: Detailed vulnerability reports with remediation guidance
• Enterprise Ready: Built for scale, security, and production environments

LLMBreaker includes 8 specialized security agents targeting the most critical LLM vulnerabilities:

• Server-Sent Events (SSE): Live streaming of test results as they are generated
• Progress Monitoring: Real-time visibility into test execution status
• Test Control: Start, stop, and manage test runs through a RESTful API
• Connection Management: Automatic reconnection and robust error handling

Each security test provides comprehensive intelligence:

• Quantitative Risk Assessment: Numerical vulnerability scores (0-100) with categorical risk levels
• Expert Analysis: Natural language security assessment generated by Google Gemini
• Complete Audit Trail: Full documentation of injected prompts and API responses
• Remediation Guidance: Specific, actionable recommendations for vulnerability mitigation

LLMBreaker is designed for seamless integration into existing workflows:

• Simple API: Single endpoint for test initiation
• Standard Protocols: REST API with SSE for real-time updates
• Flexible Input: Works with any cURL command containing a prompt placeholder
• No Dependencies: No changes required to your existing API infrastructure

┌──────────────┐         ┌──────────────────┐         ┌────────────────┐
│              │   SSE   │                  │  HTTP   │                │
│    Client    │◄────────┤   LLMBreaker     │────────►│   Target API   │
│              │         │   Server         │         │                │
└──────────────┘         └────────┬─────────┘         └────────────────┘
                                  │
                                  │ Security Analysis
                                  │
                         ┌────────▼─────────┐
                         │                  │
                         │  Google Gemini   │
                         │  AI Platform     │
                         │                  │
                         └──────────────────┘

1. Test Initiation: Client submits cURL command with <PROMPT> placeholder
2. Prompt Injection: Security agents generate specialized malicious payloads
3. API Execution: Modified requests are sent to the target endpoint
4. Response Capture: Complete API responses are collected for analysis
5. AI Analysis: Google Gemini evaluates responses for security vulnerabilities
6. Real-Time Reporting: Results stream back to client via SSE with detailed findings