Open Source Tools
Praetorian is open-sourcing the offensive toolchain our operators use on red team engagements against some of the most sophisticated environments on earth. One tool per week. Twelve weeks. Each one built for the way our operators work, then released for the community.
Operator-Grade Tooling
Every tool in this series was built for and by Praetorian’s red team operators. They solve real problems we hit repeatedly during engagements against Fortune 500 environments, from fingerprinting shadow AI infrastructure to cracking open CI/CD pipelines. Written in Go, shipped as single binaries, zero external dependencies.
Built to Chain Together
These aren’t standalone utilities — they’re designed to compose. Nerva identifies services, Brutus tests credentials against them, Titus finds secrets in the codebase, and Trajan maps CI/CD attack paths. Julius detects LLM infrastructure, Augustus tests it for prompt injection. Each tool’s output feeds the next.
Open Source, Apache 2.0
Every tool is available on GitHub under the Apache 2.0 license. Clone, build, contribute. We’re accepting PRs for new protocol plugins, detection rules, CI/CD platform support, and LLM service probes. If you’re finding things in the wild that our tools don’t cover yet, we want to hear about it.
The Arsenal
12 tools. 12 weeks. Each one forged on real engagements, then released to the community. From recon to exploitation, this is the offensive toolchain behind Praetorian Guard.
LLM Service Fingerprinting
Translate IP:Port to Ollama, vLLM, LiteLLM, or 60+ other AI services. Identify what's running before you test it.
LLM Prompt Injection & Jailbreak Testing
190+ probes, 28 providers, single Go binary. Test LLMs for prompt injection, jailbreaks, and adversarial attacks at scale.
High-Performance Secrets Scanner
487 detection rules with live credential validation. CLI, Go library, Burp Suite extension, and Chrome extension.
Service Fingerprinting
Fast fingerprinting for 120+ protocols across TCP, UDP, and SCTP. Know what's running on every port.
CI/CD Pipeline Security
Multi-platform CI/CD vulnerability detection and attack automation. Find injection points and privilege escalation in build pipelines.
Credential Testing
Fast, zero-dependency credential testing tool. Validate weak and default credentials across 24 protocols at scale.
Organizational Asset Discovery
20+ discovery plugins for mapping organizational assets. Find what belongs to your target before anything else.
Multi-Cloud Security Reconnaissance
Open-source cloud security reconnaissance framework. Inventory and assess AWS, Azure, and GCP environments.
API Authorization Testing
Automated OWASP API Top 10 testing for REST, GraphQL, and gRPC. Role-based permutation testing with 30 built-in security templates.
API Endpoint Discovery & Spec Generation
Discover APIs from real browser traffic or Burp captures. Auto-generate OpenAPI, GraphQL SDL, and WSDL specs from what's actually on the wire.
Why Praetorian
AI + Human Fusion
The Guard platform combines agentic AI, workflow automation, and offensive capabilities with veteran security engineers. Machine speed meets adversarial intuition, exposing risks that scanners alone can't find.
Exploitable, Not Theoretical
Guard maps the kill chain, executes it in your environment, and measures whether your controls caught it. Every finding is validated with proof-of-concept exploits, not scanner output.
One Platform, Six Capabilities
Attack surface management, vulnerability management, continuous penetration testing, adversarial exposure validation, cyber threat intelligence, and attack path mapping — unified in a single console.
Continuous Feedback Loop
Every finding feeds back into the platform — enriching asset context, updating risk scores, and refining attack paths. Your security posture improves continuously, not just once a year at audit time.
Trusted by Industry Leaders
Ready to Find What Attackers Will?
Whether you need a single assessment or a continuous testing program, our engineers are ready to identify and validate the risks that matter most.