In DevelopmentPlatform tierTesting LabFree for individuals
DojoLM
LLM security testing platform with 534 attack patterns across 47 groups, 15 core modules, 6 heuristic detectors, and 15+ LLM provider support.
Overview
DojoLM is the core of the Black Unicorn security testing arsenal. It is a comprehensive LLM security testing platform built as a monorepo with a Next.js web interface and a zero-dependency scanner engine that runs fully offline.
The scanner ships with 534 regex patterns organized across 47 pattern groups covering prompt injection, jailbreak, encoding bypass, media injection, multilingual attacks, and more. Beyond regex, 6 heuristic detectors handle entropy analysis, encoding detection, homoglyph abuse, invisible character injection, polyglot payloads, and semantic similarity. The platform includes 2,375+ attack fixtures across 30 categories for structured red team testing.
15 core modules power the platform:
- Haiku Scanner: Fast pattern-based vulnerability scanning across all attack categories
- Ronin Scanner: Deep-dive single-target analysis with detailed vulnerability reporting
- LLM Jutsu: Command center for orchestrating multi-provider scan campaigns
- Hattori Guard: Real-time input/output protection with configurable security policies
- Armory: Interactive fixture browser with categorized attack payloads
- Bushido Book: Compliance mapping center covering OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, ISO 42001, ENISA, EU AI Act GPAI, CWE, and OWASP ASVS
- Arena: Gamified security testing with CTF, King of the Hill, and Red vs Blue modes
- Sengoku: Continuous automated red teaming engine
- Time Chamber: Isolated sandbox environments for safe attack testing
- Kotoba: Multilingual attack pattern testing across languages
- EdgeFuzz: Edge-case and boundary condition fuzzing
- Supply Chain Scanner: Model and dependency supply chain risk analysis
- WebMCP Scanner: Web and MCP protocol security testing
- Provider Hub: Unified interface for 15+ LLM providers (Claude, OpenAI, Ollama, LM Studio, Groq, vLLM, and more)
- Dashboard: Real-time scan metrics, vulnerability trends, and compliance posture
DojoLM is free for individual use. Enterprise licensing is under development.
Tech Stack
TypeScriptNext.js 15Node.jsZero Dependencies (scanner)
Key Features
534 regex patterns across 47 pattern groups
6 heuristic detectors (entropy, encoding, homoglyphs, invisible chars, polyglot, semantic)
2,375+ attack fixtures across 30 categories
15 core modules for scanning, defense, compliance, and training
3,596+ passing tests (100% pass rate)
15+ LLM provider support (Claude, OpenAI, Ollama, LM Studio, Groq, vLLM)
Bushido Book: 8 compliance frameworks (OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, ISO 42001, ENISA, EU AI Act GPAI, CWE, OWASP ASVS)
Arena: gamified CTF, King of the Hill, and Red vs Blue modes
Hattori Guard: real-time input/output protection
Sengoku + HAKONE: continuous red teaming with advanced modules (Time Chamber, Kotoba, EdgeFuzz, Supply Chain, WebMCP)
Zero-dependency scanner engine, fully offline capable
Ronin Scanner: deep-dive single-target vulnerability analysis
Screenshots
Presentation
Powering Our Services
DojoLM is used directly in the following services:
LLM & AI Security
Comprehensive security assessments for LLM-powered applications. From prompt injection testing and AI agent security to multi-agent operations and custom model hardening.
Penetration Testing & Red Teaming
Offensive security services that identify real vulnerabilities before attackers do. Web apps, APIs, infrastructure, and social engineering.