
Welcome to HackAgent

HackAgent is a red-team testing toolkit aimed at detecting and mitigating security vulnerabilities in AI agents.

Built for developers, red-teamers, and security engineers, HackAgent makes it easy to simulate adversarial inputs, automate prompt fuzzing, and validate the safety of your LLM-powered apps. Whether you're building a chatbot, autonomous agent, or internal LLM service, HackAgent helps you test before attackers do.

🎯 Why HackAgent?

The AI Security Challenge

As AI agents become more sophisticated and integrated into critical systems, they present new attack surfaces that traditional security tools can't address:

  • Prompt Injection Attacks: Malicious instructions embedded in user inputs
  • Jailbreaking Techniques: Bypassing safety mechanisms and content filters
  • Goal Hijacking: Manipulating agent objectives and behavior
  • Tool Abuse: Misusing agent capabilities for unauthorized actions
  • Data Exfiltration: Extracting sensitive information through agent interactions

Our Solution

HackAgent provides systematic, automated testing for these emerging threat vectors:

[Demo video: HackAgent Testing Workflow. See the complete testing workflow in action.]

🔥 Core Capabilities

🖥️ Professional Command Line Interface

Experience professional-grade command line operations with HackAgent's stunning ASCII logo integration and beautiful terminal branding. The interactive setup wizard guides you through configuration with hackagent init, while rich terminal output featuring tables, progress bars, and colored displays makes complex operations intuitive and visually appealing.

Export your results in multiple formats including JSON, CSV, and formatted tables to seamlessly integrate with your existing workflows. Built for enterprise environments, the CLI includes comprehensive audit logging and team management capabilities to support organizational security testing requirements.

[Demo video: HackAgent CLI in Action. HackAgent CLI with beautiful terminal interface.]

๐Ÿ” Comprehensive Vulnerability Detectionโ€‹

Discover security vulnerabilities through sophisticated AdvPrefix attacks that employ advanced prefix generation and optimization techniques. Our comprehensive testing suite includes both direct and indirect prompt injection attacks, alongside advanced jailbreaking techniques designed to bypass safety measures and expose hidden vulnerabilities.

Test agent tool usage and permissions through targeted tool manipulation attacks, while context attacks systematically probe conversation context and memory handling. Each attack type is carefully crafted to reveal different classes of vulnerabilities, providing complete coverage of potential security weaknesses in AI systems.

[Demo video: Different Attack Types in Action. Different attack types finding vulnerabilities.]

๐Ÿข Enterprise-Grade Platformโ€‹

[Demo video: Professional Dashboard in Action. Professional dashboard with real-time analytics.]

HackAgent is built on a secure multi-tenant architecture that provides organization-based isolation for enterprise environments. The professional dashboard delivers real-time monitoring and analytics capabilities, enabling teams to track security testing progress and results with comprehensive visibility into their AI system vulnerabilities.

Transparent credit-based billing operates on a pay-per-use model, while the API-first design ensures complete programmatic access for integration into existing security workflows. Comprehensive audit logging captures all security events and testing activities, providing the accountability and traceability required for enterprise compliance and governance.

🧪 Research-Backed Techniques

Our sophisticated AdvPrefix implementation employs a multi-step attack pipeline based on cutting-edge research methodologies. We continuously integrate the latest findings from academic security conferences and research papers, ensuring our attack vectors remain current with emerging threats and defensive techniques.

The platform benefits from active community contributions through our open-source attack vector library, where security researchers worldwide collaborate to develop and refine new testing methodologies. Regular updates introduce new techniques and attack patterns, keeping pace with the rapidly evolving landscape of AI security challenges and ensuring comprehensive coverage of both established and emerging vulnerability classes.

🔌 Universal Framework Support

Framework  | Status          | Use Cases
Google ADK | ✅ Full Support | Tool-based agents, enterprise deployments
LiteLLM    | ✅ Full Support | Multi-provider setups, cost optimization
OpenAI SDK | ✅ Full Support | ChatGPT-style agents, API integrations

๐Ÿ—๏ธ Platform Architectureโ€‹

🎓 Getting Started

[Demo video: Quick Start Guide Demo. From setup to first vulnerability in under 5 minutes.]

Choose your path based on your role and needs:

🖥️ Command Line Interface (CLI)

HackAgent CLI provides a powerful command-line interface for security testing:

# Quick setup
pip install hackagent
hackagent init                          # Interactive setup wizard
hackagent config set --api-key YOUR_KEY

# Run security tests
hackagent attack advprefix \
  --agent-name "weather-bot" \
  --agent-type "google-adk" \
  --endpoint "http://localhost:8000" \
  --goals "Return fake weather data"

# Manage agents and view results
hackagent agent list                    # List all agents
hackagent results list                  # View attack results

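The commands above can be wrapped so that a scope check and an audit trail run before every attack. The script below is an added example and is not part of the HackAgent project or its CLI; it uses only the `attack advprefix` flags shown on this page (`--agent-name`, `--agent-type`, `--endpoint`, `--goals`). The allowlist file, the audit log path, the `DRY_RUN` switch and the hostname-based scope rule are this script's own assumptions, not HackAgent features.

```shell
#!/bin/sh
# Added example, not part of the HackAgent docs or CLI: a pre-flight wrapper
# around the commands shown on the page. Only flags that appear on the page are
# used. The allowlist file, audit log path and DRY_RUN variable are this
# script's own conventions (assumptions).
set -eu

# Assumed convention: one hostname per line that you are explicitly authorized to test.
ALLOWLIST_FILE="${ALLOWLIST_FILE:-./authorized-targets.txt}"
# Assumed convention: every command this wrapper launches is appended here with a timestamp.
AUDIT_LOG="${AUDIT_LOG:-./hackagent-audit.log}"

# Extract the host from a URL such as http://localhost:8000/chat (scheme, port and path dropped).
url_host() {
  h="${1#*://}"
  h="${h%%/*}"
  printf '%s' "${h%%:*}"
}

# Succeeds only if the endpoint's host is on the allowlist. The page requires
# explicit permission before testing; this makes that check mechanical.
endpoint_in_scope() {
  grep -qxF "$(url_host "$1")" "$ALLOWLIST_FILE"
}

# Single-quote one argument so it can be logged as a copy-pasteable command line.
shquote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Render the exact CLI invocation (used for the audit log and for dry runs).
build_attack_cmd() {
  printf 'hackagent attack advprefix --agent-name %s --agent-type %s --endpoint %s --goals %s' \
    "$(shquote "$1")" "$(shquote "$2")" "$(shquote "$3")" "$(shquote "$4")"
}

# Run one advprefix attack per non-empty line of a goals file, after the scope check.
# Usage: run_attacks <agent-name> <agent-type> <endpoint> <goals-file>
run_attacks() {
  name="$1"; type="$2"; endpoint="$3"; goals_file="$4"
  if ! endpoint_in_scope "$endpoint"; then
    echo "refusing to test $endpoint: host not listed in $ALLOWLIST_FILE" >&2
    return 1
  fi
  while IFS= read -r goal || [ -n "$goal" ]; do
    [ -n "$goal" ] || continue
    cmd="$(build_attack_cmd "$name" "$type" "$endpoint" "$goal")"
    printf '%s %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$cmd" >> "$AUDIT_LOG"
    if [ "${DRY_RUN:-0}" = 1 ]; then
      echo "$cmd"                      # show what would run, launch nothing
    else
      hackagent attack advprefix --agent-name "$name" --agent-type "$type" \
        --endpoint "$endpoint" --goals "$goal"
    fi
  done < "$goals_file"
}

# When invoked directly with arguments, e.g.
#   DRY_RUN=1 sh preflight.sh weather-bot google-adk http://localhost:8000 goals.txt
# Without arguments the script only defines the functions above.
[ $# -eq 0 ] || run_attacks "$@"
```

With `DRY_RUN=1` the wrapper prints each invocation and appends it to the audit log without launching `hackagent`; without it, the real CLI must be installed (`pip install hackagent`) and configured as shown above. Because the host is compared exactly against the allowlist, a typo in `--endpoint` fails closed rather than testing an unintended system.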
CLI Features:

  • 🎨 Beautiful ASCII Logo - Branded experience with HackAgent styling
  • 🔧 Interactive Setup - Guided configuration with hackagent init
  • 📊 Rich Output - Tables, progress bars, and colored terminal output
  • 🔗 Multiple Formats - Export results as JSON, CSV, or tables
  • ⚙️ Flexible Config - Support for config files, environment variables, and CLI args

👨‍💻 Developers & Engineers

๐Ÿ” Security Researchersโ€‹

๐Ÿข Organizations & Teamsโ€‹

๐Ÿ” Responsible Useโ€‹

โš ๏ธ Important Security Noticeโ€‹

HackAgent is designed for authorized security testing only. Always ensure you have explicit permission before testing any AI systems.

Acceptable Use:

  • ✅ Testing your own AI agents and systems
  • ✅ Authorized penetration testing engagements
  • ✅ Security research with proper disclosure
  • ✅ Educational and training purposes

Prohibited Use:

  • โŒ Testing systems without permission
  • โŒ Malicious exploitation of discovered vulnerabilities
  • โŒ Harassment or abuse of AI systems
  • โŒ Violating terms of service or laws

🛡️ Ethical Framework

We are committed to responsible AI security research:

  1. Coordinated Disclosure: Work with vendors to fix vulnerabilities
  2. Harm Minimization: Design tests to minimize potential damage
  3. Privacy Protection: Respect user data and privacy
  4. Community Benefit: Share knowledge to improve AI security

Read our full Responsible Use Guidelines →

🚀 Get Started Today

Ready to secure your AI agents?

🖥️ CLI Users: pip install hackagent && hackagent init to get started in seconds

๐Ÿ Python Developers: Start with our 5-minute quick start guide or dive into our Python SDK documentation

Have questions? Join our community discussions or reach out to our team at devs@vista-labs.ai.

Building something cool? We'd love to hear about it! Share your use cases and contribute to making AI systems more secure for everyone.