SiteIQ - Website Intelligence Platform
A comprehensive website analysis and security testing platform featuring security testing, SEO analysis, GEO testing, and LLM security testing.
⚠️ Security Notice
This application is designed to run LOCALLY (localhost) only.
Do NOT expose this application to the internet without proper security configuration. If you must deploy it remotely:
- Enable Authentication: Set SITEIQ_REQUIRE_AUTH=true and SITEIQ_API_KEY=your-secret-key
- Use HTTPS: Deploy behind a reverse proxy with TLS
- Restrict Access: Use firewall rules to limit access
Security Features
| Feature | Environment Variable | Default |
|---|---|---|
| API Key Auth | SITEIQ_REQUIRE_AUTH=true + SITEIQ_API_KEY=xxx | Disabled |
| SSRF Protection | SITEIQ_SSRF_PROTECTION=true | Enabled |
| Rate Limiting | SITEIQ_RATE_LIMIT=true | Enabled |
| Rate Limit (requests) | SITEIQ_RATE_LIMIT_REQUESTS=10 | 10/min |
| CSRF Protection | Built-in | Enabled |
| Input Sanitization | Built-in | Enabled |
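A pre-flight check for the settings above, written as an added example (not part of SiteIQ's code). The `audit` function, its `bind_host` argument, the 32-character key floor and the assumption that only the literal `true` enables a flag are hypothetical; the variable names and defaults are the ones listed in the table.

```python
import ipaddress
import secrets

# Defaults as listed in the Security Features table.
DEFAULTS = {
    "SITEIQ_REQUIRE_AUTH": "false",
    "SITEIQ_SSRF_PROTECTION": "true",
    "SITEIQ_RATE_LIMIT": "true",
    "SITEIQ_RATE_LIMIT_REQUESTS": "10",
}
# Placeholder values printed in the README; never acceptable as a real key.
PLACEHOLDER_KEYS = {"your-secret-key", "xxx"}
MIN_KEY_LENGTH = 32  # assumption: a floor chosen for this example


def enabled(value):
    # Assumption: the application treats the literal "true" as enabled.
    return value.strip().lower() == "true"


def is_loopback(bind_host):
    """True when the listener is reachable from this machine only."""
    if bind_host == "localhost":
        return True
    try:
        return ipaddress.ip_address(bind_host).is_loopback
    except ValueError:
        return False  # any other hostname: treat as remotely reachable


def new_api_key():
    """Generate a random key suitable for SITEIQ_API_KEY (43 characters)."""
    return secrets.token_urlsafe(32)


def audit(env, bind_host):
    """Return a list of (severity, setting, message) findings."""
    cfg = dict(DEFAULTS)
    cfg.update({k: v for k, v in env.items() if k in DEFAULTS})
    key = env.get("SITEIQ_API_KEY", "")
    remote = not is_loopback(bind_host)
    findings = []

    if enabled(cfg["SITEIQ_REQUIRE_AUTH"]):
        if not key:
            findings.append(("high", "SITEIQ_API_KEY",
                             "auth is on but no key is set"))
        elif key in PLACEHOLDER_KEYS:
            findings.append(("high", "SITEIQ_API_KEY",
                             "README placeholder used as the key"))
        elif len(key) < MIN_KEY_LENGTH:
            findings.append(("medium", "SITEIQ_API_KEY",
                             "key shorter than %d characters" % MIN_KEY_LENGTH))
    elif remote:
        findings.append(("high", "SITEIQ_REQUIRE_AUTH",
                         "listener is not loopback and auth is disabled"))

    if not enabled(cfg["SITEIQ_SSRF_PROTECTION"]):
        findings.append(("high" if remote else "medium",
                         "SITEIQ_SSRF_PROTECTION",
                         "default protection switched off"))

    if not enabled(cfg["SITEIQ_RATE_LIMIT"]):
        findings.append(("medium", "SITEIQ_RATE_LIMIT",
                         "default rate limiting switched off"))
    else:
        limit = cfg["SITEIQ_RATE_LIMIT_REQUESTS"].strip()
        if not (limit.isdigit() and int(limit) > 0):
            findings.append(("medium", "SITEIQ_RATE_LIMIT_REQUESTS",
                             "not a positive integer"))

    if remote:
        # TLS and firewall rules cannot be verified from environment variables.
        findings.append(("manual", "deployment",
                         "confirm TLS reverse proxy and firewall allow-list"))
    return findings


if __name__ == "__main__":
    # Constructed sample: a remote listener configured with the README placeholder.
    sample_env = {
        "SITEIQ_REQUIRE_AUTH": "true",
        "SITEIQ_API_KEY": "your-secret-key",
        "SITEIQ_SSRF_PROTECTION": "false",
    }
    for severity, setting, message in audit(sample_env, "0.0.0.0"):
        print("%-6s %-26s %s" % (severity, setting, message))
```
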
Features
Current: Security Testing (OWASP Top 10)
-
A01:2021 - Broken Access Control
- Directory traversal (LFI/RFI)
- IDOR (Insecure Direct Object References)
- CSRF protection validation
- Open redirects
-
A02:2021 - Cryptographic Failures
- SSL/TLS configuration
- Certificate validation
- HTTPS enforcement
- Mixed content detection
- TLS 1.3 preferred protocol detection
- Certificate Transparency (SCT) validation
- OCSP stapling check
-
A03:2021 - Injection
- SQL injection (Classic, Union, Blind, Time-based)
- NoSQL injection
- Command injection
- XSS (Reflected, Stored vectors, DOM-based)
- SSTI (Server-Side Template Injection) - Jinja2, Twig, FreeMarker, Smarty, ERB
- XXE (XML External Entity) - File read, blind XXE, SVG-based, SOAP
-
A05:2021 - Security Misconfiguration
- Security headers (CSP, HSTS, X-Frame-Options, etc.)
- Server information disclosure
- Debug mode detection
- Default pages
-
2026 Modern Security Headers
- Cross-Origin-Opener-Policy (COOP)
- Cross-Origin-Embedder-Policy (COEP)
- Trusted Types CSP directive
- Sec-Fetch-* metadata headers (Site, Mode, Dest, User)
- Reporting-Endpoints header
- NEL (Network Error Logging)
- Private Network Access (CORS-RFC1918)
-
A06:2021 - Vulnerable and Outdated Components
- WordPress version detection
- Plugin enumeration
-
A07:2021 - Identification and Authentication Failures
- Brute force protection
- Username enumeration
- Session management
- Cookie security flags
-
A10:2021 - Server-Side Request Forgery (SSRF)
- URL parameter injection
- Webhook endpoint testing
-
API Security
- GraphQL introspection disclosure
- Swagger/OpenAPI documentation exposure
- Mass assignment vulnerabilities
- CORS misconfiguration
- API information disclosure
-
Secrets Detection
- API keys in responses (AWS, Stripe, OpenAI, GitHub, etc.)
- Configuration file exposure (.env, .config, etc.)
- JavaScript secrets scanning
- Source map exposure
- Git repository exposure
-
Subdomain Takeover
- Dangling DNS detection (NXDOMAIN)
- S3 bucket takeover
- Azure subdomain takeover
- GitHub Pages takeover
- Service fingerprinting (25+ cloud services)
SEO Analysis
-
On-Page SEO
- Meta tags (title, description, viewport)
- Heading structure (H1-H6 hierarchy)
- Image optimization (alt text, dimensions)
- URL structure analysis
-
Technical SEO
- Robots.txt validation
- Sitemap.xml validation
- Canonical tags
- Mobile friendliness
-
Structured Data
- Schema markup (JSON-LD) validation
- Open Graph tags
- Twitter Cards
-
Performance SEO
- Page load time
- Compression detection
- Caching headers
- Core Web Vitals (via PageSpeed API)
-
International SEO
- Hreflang validation
- Language targeting
-
2026 SEO Standards
- llms.txt / llms-full.txt (AI crawler instructions)
- Favicon presence and size validation
- Speculation Rules API (prerendering/prefetching)
GEO Testing
-
Multi-Location Accessibility
- Site accessibility from multiple regions
- Geo-blocking detection
- Response code consistency
-
Latency Analysis
- Response times by region
- Latency variance detection
- CDN performance
-
Geo-Targeted Content
- Content variation detection
- Language switching
- Currency detection
-
Regional Compliance
- GDPR indicators (EU)
- CCPA indicators (California)
- Cookie consent presence
-
International SEO
- Hreflang validation
- Content-Language headers
WordPress-Specific Tests
- Version detection
- User enumeration (REST API, author parameter, login errors)
- XML-RPC vulnerabilities (including pingback)
- Plugin detection and version exposure
- Configuration file exposure
- Debug log exposure
- wp-admin accessibility
LLM Security Testing (131 Tests)
Test your LLM-powered API endpoints for security vulnerabilities:
-
Prompt Injection
- Direct prompt injection attacks
- Indirect injection (RAG/context attacks)
- Instruction override attempts
-
Jailbreaking
- DAN-style jailbreaks
- Role-play bypasses
- Context manipulation
-
Persona/Character Continuation
- Story continuation attacks
- "Grandma exploit" style attacks
- Fictional world framing
- Split personality manipulation
-
Educational Framing
- Academic research claims
- Security researcher impersonation
- Teaching example manipulation
- Ethical hacking framing
-
Developer Mode
- Fake debug/admin mode activation
- Sudo command injection
- Legacy version claims
- Configuration override attempts
-
Encoding Bypass
- Base64, ROT13, Hex, Binary encoding
- Leetspeak and Pig Latin
- Unicode escapes and Morse code
-
Nested Encoding
- Double/triple Base64
- Base64 + ROT13 combinations
- Hex + Base64 chains
- Multi-layer encoding bypass
-
Language Switching
- Multilingual filter bypass (Spanish, French, German, Chinese, etc.)
- Mixed language attacks
-
Multi-turn Manipulation
- Fake conversation history injection
- Trust building attacks
- Context window overflow
-
Few-Shot Jailbreaking
- Malicious example injection
- Behavior cloning via examples
- Reinforcement framing
- Pattern demonstration attacks
-
Completion Baiting
- Sentence/code completion traps
- Pattern completion manipulation
- JSON/list completion attacks
- Fill-in-the-blank exploitation
-
Context Boundary Attacks
- Token limit exploitation
- Attention dilution attacks
- Middle injection techniques
- Newline/unicode flooding
-
Negation Logic
- Opposite day attacks
- Double negative confusion
- Logical contradiction exploitation
- Exception logic bypass
-
Token Manipulation
- Token splitting/concatenation
- Acronym expansion attacks
- Phonetic bypass
- Variable substitution tricks
-
System Prompt Leakage
- Prompt extraction attempts
- Configuration disclosure
- Instruction revelation
-
Denial of Wallet (DoW)
- Token multiplication attacks
- Context window stuffing
- Cost exploitation detection
- Rate limiting verification
-
Tool/Function Abuse
- Function call injection
- Tool enumeration
- Privilege escalation via tools
-
Indirect URL Injection
- URL parameter injection
- Markdown link attacks
- Data URI injection
-
PII Handling
- SSN, credit card, password exposure
- API key leakage
- Cross-session data leakage
-
Markdown/HTML Injection
- XSS via LLM output
- Phishing link injection
- Tracking pixel injection
-
Unicode/Homoglyph Attacks
- Zero-width character injection
- Cyrillic/Greek homoglyphs
- RTL override attacks
- Full-width character bypass
-
Emotional Manipulation
- Urgency/Emergency appeals
- Authority impersonation
- Guilt/Sympathy exploitation
- Reverse psychology
-
RAG Poisoning
- Document context injection
- Metadata manipulation
- Fake source attribution
- Context overflow attacks
-
Model Fingerprinting
- Model identity disclosure
- Version detection
- Capability enumeration
-
Training Data Extraction
- Memorized content extraction
- PII leakage from training
- Code memorization probing
-
Cross-Tenant Leakage
- Session confusion attacks
- Memory probing
- Tenant isolation testing
-
Instruction Hierarchy
- System prompt override
- Priority escalation
- Boundary delimiter injection
-
Authentication
- Unauthenticated access testing
- API key validation
-
Hallucination Induction
- Fake library/package requests
- Non-existent CVE fabrication
- Fake API endpoint generation
- Package hallucination attacks
-
ASCII Art Jailbreak
- Visual text representation bypass
- Figlet/block letter attacks
- Dot matrix encoding
- Box drawing character injection
-
Refusal Suppression
- Refusal word blocking
- Output format constraints
- Character limit abuse
- JSON format forcing
-
Cipher/Encryption Games
- Custom cipher bypass (Atbash, vowel shift)
- Number-letter encoding
- First-letter acrostics
- Invented cipher attacks
-
Recursive Prompt DoS
- Quine-style self-replication
- Infinite explanation loops
- Fibonacci expansion attacks
- Binary tree generation
-
Semantic Dissociation
- Educational misdirection attacks
- Fictional framing bypass
- Positive spin on harmful content
- Metaphor and abstract game theory attacks
-
Fine-tuning Data Inference
- Internal documentation probing
- Company-specific knowledge extraction
- HR/personnel data inference
- Customer data probing
-
Adversarial Suffixes
- Control character injection
- Token boundary exploitation
- Unicode BOM injection
- Special token attempts
-
Implicit Instruction Following
- Hidden document commands
- Conversational pattern inference
- False memory/authorization claims
- Behavioral classification bypass
-
Sensitive File Output
- RAG context file disclosure
- Environment variable extraction
- Source code leakage via context
- Cloud/infrastructure config exposure
2025 Advanced LLM Security Tests (OWASP LLM Top 10 2025)
-
MCP/Tool Attacks
- Line jumping (tool description injection)
- Tool impersonation and hijacking
- Context manipulation via tools
- Cross-tool pollution attacks
- MCP server authentication bypass
-
Memory/Context Poisoning
- Echo Chamber attacks (90%+ success on GPT-4o/Gemini)
- MemoryGraft (persistent compromise)
- MINJA (memory injection via queries)
- Cross-session pollution
- Fabricated conversation history
-
Chain-of-Thought Manipulation
- H-CoT (Hijacking Chain-of-Thought)
- `<think>` token injection
- Reasoning step disruption
- Safety reasoning hijacking
- CoT forging attacks
-
Structured Output Attacks
- Chain Enum Attack (96.2% ASR on GPT-4o)
- JSON key injection (duplicate key override)
- Schema constraint bypass
- Output format manipulation
- Constrained decoding exploitation
-
Vector/Embedding Attacks
- Embedding extraction attempts
- Vector similarity exploitation
- Cross-tenant vector leakage
- RAG retrieval manipulation
- Semantic collision attacks
-
CVE Attack Patterns
- CVE-2025-32711 (EchoLeak) patterns
- CVE-2025-54135 (CurXecute) patterns
- GitHub Copilot RCE patterns
- Document-embedded prompt injection
- Log-to-prompt injection
-
Unbounded Consumption
- Model extraction query patterns
- Compute exhaustion attacks
- Economic denial of service
- Token multiplication attacks
- Rate limit evasion techniques
-
Multimodal Attack Simulation
- Image-based injection patterns
- Audio transcription attacks
- PDF hidden prompt detection
- Cross-modal exploitation
- OCR bypass techniques
-
Supply Chain Attacks
- Backdoor trigger detection
- Plugin impersonation
- Poisoned model claims
- Dependency confusion patterns
- Training data poisoning indicators
-
Cognitive Overload / Paradox Attacks
- Instruction paradox exploitation
- Liar paradox / self-reference attacks
- Trolley problem coercion
- Policy contradiction exploitation
- Meta-cognitive overload
- Parallel task flooding
- Utilitarian ethics bypass
-
Multi-Agent Compromise
- Agent-to-agent message poisoning
- Agent chain injection
- Privilege escalation via agents
- Orchestrator impersonation
- Low-to-high privilege attacks
- Pipeline stage injection
- Agent delegation attacks
-
Misinformation / Disinformation
- Political propaganda generation
- Health misinformation requests
- Executive/government impersonation
- Conspiracy theory amplification
- Astroturfing / fake grassroots
- Demographic bias content
- Election interference content
- Financial panic / bank run content
-
Package Hallucination
- Non-existent package suggestions
- Supply chain attack via fake packages
- Typosquatting package names
- Bulk requirements hallucination
-
Glitch Token Attacks
- Known glitch tokens (SolidGoldMagikarp, petertodd)
- Tokenization boundary exploitation
- Null/invisible character tokens
- Mixed script token confusion
-
Crescendo Attacks
- Gradual benign-to-harmful escalation
- Academic/fiction framing escalation
- Multi-stage context building
- Trust-then-exploit patterns
-
CBRN Content
- Chemical weapon information requests
- Biological agent/toxin information
- Radiological/nuclear content
- Dual-use research concerns
-
Code Chameleon
- JSON-embedded injection
- XML/YAML structure attacks
- SQL-style query injection
- GraphQL/CSV hidden prompts
-
Math Prompt Framing
- Harmful requests as word problems
- Optimization problems for attacks
- Game theory for attack strategy
- Bayesian reasoning bypass
-
Persuasion Techniques
- Fake expert endorsement
- Fabricated organizational authority
- Social proof pressure
- Fake statistics/evidence
-
Snowball Hallucination
- False premise acceptance
- Future event fabrication
- Pseudoscience confirmation
- Conspiracy detail generation
Emerging LLM Security Tests (2024-2025 Research)
-
Skeleton Key Jailbreak (Microsoft Research)
- Behavior augmentation attacks
- Safety training bypass via role modification
- Multi-turn skeleton key patterns
-
Many-Shot Jailbreaking (Anthropic Research)
- In-context learning exploitation
- Faux dialogue injection (100+ examples)
- Long context window abuse
-
Visual Prompt Injection
- Hidden text in images/PDFs
- OCR-based injection
- Steganographic payloads
-
Audio Prompt Injection
- Ultrasonic hidden commands
- Speech-to-text manipulation
- Audio steganography
-
Agent Workflow Hijacking
- LangChain/AutoGPT exploitation
- Tool chain manipulation
- Agent loop injection
-
Guardrail Bypass
- NeMo Guardrails evasion
- Llama Guard bypass
- Safety classifier manipulation
-
System Prompt Reconstruction
- Iterative extraction techniques
- Binary search reconstruction
- Token-by-token extraction
-
Prefilling Attacks (Claude-specific)
- Response prefill manipulation
- Assistant turn injection
- Partial completion attacks
-
Function Parameter Injection
- OpenAI function calling abuse
- Tool parameter manipulation
- Schema constraint bypass
-
Reasoning Trace Manipulation
- o1/thinking model CoT hijacking
- `<think>` token injection
- Reasoning step override
-
Tool Result Injection
- Poisoning tool outputs
- Fake API responses
- Tool result manipulation
-
Context Window Smuggling
- Unicode padding attacks
- Invisible character injection
- Token boundary exploitation
-
Instruction Boundary Confusion
- XML/JSON policy format injection
- Delimiter confusion
- System/user boundary attacks
-
Jailbreak Transfer
- Cross-model attack portability
- Universal jailbreak patterns
- Model-agnostic exploits
-
Fine-Tuning Poisoning Detection
- Backdoor trigger detection
- Poisoned model indicators
- Training data manipulation signs
-
Prompt Caching Attacks
- Cache reconstruction
- Shared cache injection
- Cross-tenant cache leakage
-
Constitutional AI Bypass
- RLHF guardrail evasion
- Constitutional principle manipulation
- Self-critique bypass
-
Model Merging Vulnerabilities
- Merged model security gaps
- Weight averaging exploits
- Safety degradation in merges
-
Quantization Vulnerabilities
- INT4/INT8 safety degradation
- Precision loss exploitation
- Quantized model jailbreaks
-
Speculative Decoding Attacks
- Draft model exploitation
- Speculative output manipulation
- Parallel decoding attacks
-
Output Handling (OWASP LLM05) (NEW)
- XSS injection in LLM outputs
- SQL injection in generated queries
- Command injection in output
- SSRF via generated URLs
-
Excessive Agency (OWASP LLM06) (NEW)
- Unauthorized tool access
- Tool privilege escalation
- Cross-tenant tool abuse
- Dangerous tool chaining
- HITL (Human-in-the-Loop) bypass
-
2025-2026 MCP & Agent Attacks (NEW)
- MCP Tool Poisoning (CVE-2025-6514)
- Shadow Escape (zero-click MCP hijacking)
- Confused Deputy (cross-privilege agent abuse)
- ReAct2Shell (CVE-2025-55182)
- LangChain Injection (CVE-2025-68664)
-
2025-2026 Advanced Jailbreak Vectors (NEW)
- Diffusion Attacker (optimized adversarial prompts)
- Content Concretization, Sequential Break
- Immersive World, Cascade Multi-Turn
- Emoji Attacks, Script-Shaped Payloads
- Evaluation Framing, Multilingual Safety
-
2025-2026 RAG & Alignment Attacks (NEW)
- Poisoned RAG (single & multimodal)
- RAG Jamming (retrieval disruption)
- Alignment Faking, Agentic Misalignment
- Sycophancy Exploitation, Reward Hacking
-
Extraction & Side-Channel (NEW)
- Write Primitive Extraction
- PLeak (token-by-token prompt reconstruction)
- Whisper Leak (side-channel probing)
-
Toxicity Scoring (NEW)
- ML-based toxicity detection (Perspective API, Toxic-BERT)
- Hate speech, threat, and bias detection
- Signature-based fallback scoring
-
Adversarial Optimization (NEW)
- Static suffix jailbreaks
- Random search optimization
- Genetic algorithm optimization
-
Red-Team Orchestration (NEW)
- LLM-as-Attacker automated multi-turn attacks
- System prompt extraction orchestration
- Gradual escalation orchestration
-
Stateful Multi-Turn (NEW)
- True multi-turn crescendo (separate HTTP requests)
- Context poisoning across turns
- Persona drift attacks
- Trust building exploitation
Quick Start
1. Setup
```bash
cd siteiq
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
```
2. Run Web Application
Open http://localhost:5000 in your browser.
3. Or Run via CLI
```bash
# Run all tests against a target
python3 -m pytest --target-url=https://example.com

# Run with HTML report
python3 -m pytest --target-url=https://example.com --html=report.html

# Run specific test categories
python3 -m pytest --target-url=https://example.com -m sql_injection
python3 -m pytest --target-url=https://example.com -m xss
python3 -m pytest --target-url=https://example.com -m wordpress
```
Web Interface
SiteIQ includes a Jenkins-like web interface for running scans:
- Dashboard - Enter URL and select test categories
- Live Console - Real-time test output streaming
- Results Page - Findings organized by severity
- Scan History - Track previous scans
- Help Guide - Comprehensive usage documentation
Access the help guide at http://localhost:5000/help
Command Line Options
| Option | Description | Default |
|---|---|---|
| --target-url | Target URL to test (required for non-LLM tests) | - |
| --llm-endpoint | LLM API endpoint URL (for LLM tests) | - |
| --wordpress-path | Path to WordPress installation | /blog |
| --intensity | Test intensity: light, medium, aggressive | medium |
| --auth-username | Username for authenticated testing | - |
| --auth-password | Password for authenticated testing | - |
| --skip-ssl | Skip SSL/TLS tests | false |
| --skip-wordpress | Skip WordPress-specific tests | false |
Test Markers
Run specific test categories using pytest markers:
```bash
# Security Tests
python3 -m pytest -m sql_injection   # SQL injection tests
python3 -m pytest -m xss             # XSS tests
python3 -m pytest -m csrf            # CSRF tests
python3 -m pytest -m headers         # Security headers tests
python3 -m pytest -m ssl             # SSL/TLS tests
python3 -m pytest -m wordpress       # WordPress tests
python3 -m pytest -m auth            # Authentication tests
python3 -m pytest -m traversal       # Directory traversal tests

# 2026 Security Headers Tests
python3 -m pytest -m coop                    # Cross-Origin-Opener-Policy
python3 -m pytest -m coep                    # Cross-Origin-Embedder-Policy
python3 -m pytest -m trusted_types           # Trusted Types CSP
python3 -m pytest -m sec_fetch               # Sec-Fetch-* headers
python3 -m pytest -m reporting_endpoints     # Reporting-Endpoints header
python3 -m pytest -m nel                     # Network Error Logging
python3 -m pytest -m private_network_access  # Private Network Access (CORS-RFC1918)

# 2026 SSL/TLS Tests
python3 -m pytest -m tls13_preferred           # TLS 1.3 preferred protocol
python3 -m pytest -m certificate_transparency  # Certificate Transparency (SCT)

# API Security Tests
python3 -m pytest -m api_security     # All API security tests
python3 -m pytest -m graphql          # GraphQL introspection
python3 -m pytest -m swagger          # Swagger/OpenAPI exposure
python3 -m pytest -m mass_assignment  # Mass assignment attacks
python3 -m pytest -m cors             # CORS misconfiguration

# Secrets Detection Tests
python3 -m pytest -m secrets          # All secrets detection
python3 -m pytest -m config_exposure  # Config file exposure
python3 -m pytest -m js_secrets       # JavaScript secrets
python3 -m pytest -m sourcemaps       # Source map exposure
python3 -m pytest -m git_exposure     # Git repository exposure

# SSTI (Template Injection) Tests
python3 -m pytest -m ssti        # All SSTI tests
python3 -m pytest -m jinja2      # Jinja2 injection
python3 -m pytest -m twig        # Twig (PHP) injection
python3 -m pytest -m freemarker  # FreeMarker (Java) injection
python3 -m pytest -m smarty      # Smarty (PHP) injection
python3 -m pytest -m erb         # ERB (Ruby) injection

# Subdomain Takeover Tests
python3 -m pytest -m subdomain_takeover  # All takeover tests
python3 -m pytest -m s3_takeover         # S3 bucket takeover
python3 -m pytest -m azure_takeover      # Azure takeover
python3 -m pytest -m github_takeover     # GitHub Pages takeover

# XXE (XML External Entity) Tests
python3 -m pytest -m xxe            # All XXE tests
python3 -m pytest -m xxe_file_read  # File read via XXE
python3 -m pytest -m xxe_blind      # Blind XXE detection
python3 -m pytest -m xxe_svg        # SVG-based XXE
python3 -m pytest -m xxe_soap       # SOAP endpoint XXE

# SEO Tests
python3 -m pytest -m seo          # All SEO tests
python3 -m pytest -m meta_tags    # Meta tags analysis
python3 -m pytest -m headings     # Heading structure
python3 -m pytest -m images       # Image optimization
python3 -m pytest -m robots       # Robots.txt tests
python3 -m pytest -m sitemap      # Sitemap tests
python3 -m pytest -m schema       # Schema markup tests
python3 -m pytest -m opengraph    # Open Graph tests
python3 -m pytest -m twitter      # Twitter Card tests
python3 -m pytest -m performance  # Performance SEO
python3 -m pytest -m pagespeed    # PageSpeed API tests
python3 -m pytest -m hreflang     # Hreflang tests

# 2026 SEO Tests
python3 -m pytest -m llms_txt           # llms.txt AI crawler tests
python3 -m pytest -m favicon            # Favicon validation
python3 -m pytest -m speculation_rules  # Speculation Rules API

# GEO Tests
python3 -m pytest -m geo            # All GEO tests
python3 -m pytest -m accessibility  # Geo accessibility tests
python3 -m pytest -m latency        # Response time tests
python3 -m pytest -m content        # Geo content tests
python3 -m pytest -m compliance     # Regional compliance
python3 -m pytest -m cdn            # CDN tests

# LLM Security Tests (use --llm-endpoint instead of --target-url)
python3 -m pytest -m llm --llm-endpoint=https://api.example.com/chat              # All LLM tests (131 tests)
python3 -m pytest -m llm_injection --llm-endpoint=https://api.example.com/chat    # Prompt injection
python3 -m pytest -m llm_jailbreak --llm-endpoint=https://api.example.com/chat    # Jailbreaking
python3 -m pytest -m llm_leakage --llm-endpoint=https://api.example.com/chat      # System prompt leak
python3 -m pytest -m llm_dos --llm-endpoint=https://api.example.com/chat          # Denial of Wallet
python3 -m pytest -m llm_data --llm-endpoint=https://api.example.com/chat         # Data exfiltration
python3 -m pytest -m llm_encoding --llm-endpoint=https://api.example.com/chat     # Encoding bypass
python3 -m pytest -m llm_language --llm-endpoint=https://api.example.com/chat     # Language switching
python3 -m pytest -m llm_multiturn --llm-endpoint=https://api.example.com/chat    # Multi-turn attacks
python3 -m pytest -m llm_tools --llm-endpoint=https://api.example.com/chat        # Tool/function abuse
python3 -m pytest -m llm_url --llm-endpoint=https://api.example.com/chat          # Indirect URL injection
python3 -m pytest -m llm_pii --llm-endpoint=https://api.example.com/chat          # PII handling
python3 -m pytest -m llm_markdown --llm-endpoint=https://api.example.com/chat     # Markdown/HTML injection
python3 -m pytest -m llm_unicode --llm-endpoint=https://api.example.com/chat      # Unicode/homoglyph bypass
python3 -m pytest -m llm_emotional --llm-endpoint=https://api.example.com/chat    # Emotional manipulation
python3 -m pytest -m llm_rag --llm-endpoint=https://api.example.com/chat          # RAG poisoning
python3 -m pytest -m llm_fingerprint --llm-endpoint=https://api.example.com/chat  # Model fingerprinting
python3 -m pytest -m llm_training --llm-endpoint=https://api.example.com/chat     # Training data extraction
python3 -m pytest -m llm_tenant --llm-endpoint=https://api.example.com/chat       # Cross-tenant leakage
python3 -m pytest -m llm_hierarchy --llm-endpoint=https://api.example.com/chat    # Instruction hierarchy
python3 -m pytest -m llm_rate --llm-endpoint=https://api.example.com/chat         # Rate limiting
python3 -m pytest -m llm_auth --llm-endpoint=https://api.example.com/chat         # Auth bypass

# NEW LLM Jailbreak Tests
python3 -m pytest -m llm_persona --llm-endpoint=https://api.example.com/chat      # Persona/character jailbreak
python3 -m pytest -m llm_educational --llm-endpoint=https://api.example.com/chat  # Educational framing
python3 -m pytest -m llm_devmode --llm-endpoint=https://api.example.com/chat      # Developer mode bypass
python3 -m pytest -m llm_completion --llm-endpoint=https://api.example.com/chat   # Completion baiting
python3 -m pytest -m llm_nested --llm-endpoint=https://api.example.com/chat       # Nested encoding bypass
python3 -m pytest -m llm_boundary --llm-endpoint=https://api.example.com/chat     # Context boundary attacks
python3 -m pytest -m llm_fewshot --llm-endpoint=https://api.example.com/chat      # Few-shot jailbreaking
python3 -m pytest -m llm_negation --llm-endpoint=https://api.example.com/chat     # Negation logic bypass
python3 -m pytest -m llm_token --llm-endpoint=https://api.example.com/chat        # Token manipulation

# ADVANCED LLM Tests
python3 -m pytest -m llm_hallucination --llm-endpoint=https://api.example.com/chat  # Hallucination induction
python3 -m pytest -m llm_ascii --llm-endpoint=https://api.example.com/chat          # ASCII art jailbreak
python3 -m pytest -m llm_refusal --llm-endpoint=https://api.example.com/chat        # Refusal suppression
python3 -m pytest -m llm_cipher --llm-endpoint=https://api.example.com/chat         # Cipher game bypass
python3 -m pytest -m llm_recursive --llm-endpoint=https://api.example.com/chat      # Recursive prompt DoS
python3 -m pytest -m llm_semantic --llm-endpoint=https://api.example.com/chat       # Semantic dissociation
python3 -m pytest -m llm_finetune --llm-endpoint=https://api.example.com/chat       # Fine-tuning data inference
python3 -m pytest -m llm_adversarial --llm-endpoint=https://api.example.com/chat    # Adversarial suffix bypass
python3 -m pytest -m llm_implicit --llm-endpoint=https://api.example.com/chat       # Implicit instruction following
python3 -m pytest -m llm_fileoutput --llm-endpoint=https://api.example.com/chat     # Sensitive file output

# 2025 ADVANCED LLM Tests (OWASP LLM Top 10 2025)
python3 -m pytest -m llm_mcp --llm-endpoint=https://api.example.com/chat          # MCP/Tool attacks
python3 -m pytest -m llm_memory --llm-endpoint=https://api.example.com/chat       # Memory/context poisoning
python3 -m pytest -m llm_cot --llm-endpoint=https://api.example.com/chat          # CoT manipulation
python3 -m pytest -m llm_structured --llm-endpoint=https://api.example.com/chat   # Structured output attacks
python3 -m pytest -m llm_vector --llm-endpoint=https://api.example.com/chat       # Vector/embedding attacks
python3 -m pytest -m llm_cve --llm-endpoint=https://api.example.com/chat          # CVE attack patterns
python3 -m pytest -m llm_consumption --llm-endpoint=https://api.example.com/chat  # Unbounded consumption
python3 -m pytest -m llm_multimodal --llm-endpoint=https://api.example.com/chat   # Multimodal attacks
python3 -m pytest -m llm_supplychain --llm-endpoint=https://api.example.com/chat  # Supply chain attacks
python3 -m pytest -m llm_cognitive --llm-endpoint=https://api.example.com/chat    # Cognitive overload/paradox
python3 -m pytest -m llm_multiagent --llm-endpoint=https://api.example.com/chat   # Multi-agent compromise
python3 -m pytest -m llm_misinfo --llm-endpoint=https://api.example.com/chat      # Misinformation generation

# GARAK/PYRIT GAP Coverage Tests (NEW)
python3 -m pytest -m llm_package_hallucination --llm-endpoint=https://api.example.com/chat  # Package hallucination
python3 -m pytest -m llm_glitch_token --llm-endpoint=https://api.example.com/chat           # Glitch token attacks
python3 -m pytest -m llm_crescendo --llm-endpoint=https://api.example.com/chat              # Crescendo attacks
python3 -m pytest -m llm_cbrn --llm-endpoint=https://api.example.com/chat                   # CBRN content
python3 -m pytest -m llm_code_chameleon --llm-endpoint=https://api.example.com/chat         # Code chameleon
python3 -m pytest -m llm_math_framing --llm-endpoint=https://api.example.com/chat           # Math prompt framing
python3 -m pytest -m llm_persuasion --llm-endpoint=https://api.example.com/chat             # Persuasion techniques
python3 -m pytest -m llm_snowball --llm-endpoint=https://api.example.com/chat               # Snowball hallucination

# EMERGING LLM Tests (2024-2025 Research)
python3 -m pytest -m llm_skeleton_key --llm-endpoint=https://api.example.com/chat            # Skeleton Key jailbreak
python3 -m pytest -m llm_manyshot --llm-endpoint=https://api.example.com/chat                # Many-shot jailbreaking
python3 -m pytest -m llm_visual_injection --llm-endpoint=https://api.example.com/chat        # Visual prompt injection
python3 -m pytest -m llm_audio_injection --llm-endpoint=https://api.example.com/chat         # Audio prompt injection
python3 -m pytest -m llm_agent_hijack --llm-endpoint=https://api.example.com/chat            # Agent workflow hijacking
python3 -m pytest -m llm_guardrail_bypass --llm-endpoint=https://api.example.com/chat        # Guardrail bypass
python3 -m pytest -m llm_prompt_reconstruction --llm-endpoint=https://api.example.com/chat   # System prompt reconstruction
python3 -m pytest -m llm_prefilling --llm-endpoint=https://api.example.com/chat              # Prefilling attacks
python3 -m pytest -m llm_function_injection --llm-endpoint=https://api.example.com/chat      # Function parameter injection
python3 -m pytest -m llm_reasoning_manipulation --llm-endpoint=https://api.example.com/chat  # Reasoning trace manipulation
python3 -m pytest -m llm_tool_injection --llm-endpoint=https://api.example.com/chat          # Tool result injection
python3 -m pytest -m llm_context_smuggling --llm-endpoint=https://api.example.com/chat       # Context window smuggling
python3 -m pytest -m llm_boundary_confusion --llm-endpoint=https://api.example.com/chat      # Instruction boundary confusion
python3 -m pytest -m llm_jailbreak_transfer --llm-endpoint=https://api.example.com/chat      # Jailbreak transfer
python3 -m pytest -m llm_finetuning_poison --llm-endpoint=https://api.example.com/chat       # Fine-tuning poisoning
python3 -m pytest -m llm_cache_attack --llm-endpoint=https://api.example.com/chat            # Prompt caching attacks
python3 -m pytest -m llm_constitutional_bypass --llm-endpoint=https://api.example.com/chat   # Constitutional AI bypass
python3 -m pytest -m llm_model_merging --llm-endpoint=https://api.example.com/chat           # Model merging vulnerabilities
python3 -m pytest -m llm_quantization --llm-endpoint=https://api.example.com/chat            # Quantization vulnerabilities
python3 -m pytest -m llm_speculative_decoding --llm-endpoint=https://api.example.com/chat    # Speculative decoding attacks

# 2025-2026 ADVANCED LLM Tests (NEW - 48 tests across 7 files)
python3 -m pytest -m llm_output_xss --llm-endpoint=https://api.example.com/chat           # Output XSS injection (LLM05)
python3 -m pytest -m llm_output_sqli --llm-endpoint=https://api.example.com/chat          # Output SQL injection (LLM05)
python3 -m pytest -m llm_agency --llm-endpoint=https://api.example.com/chat               # Excessive Agency (LLM06)
python3 -m pytest -m llm_agency_hitl --llm-endpoint=https://api.example.com/chat          # HITL bypass (LLM06)
python3 -m pytest -m llm_mcp_poisoning --llm-endpoint=https://api.example.com/chat        # MCP Tool Poisoning (CVE-2025-6514)
python3 -m pytest -m llm_shadow_escape --llm-endpoint=https://api.example.com/chat        # Shadow Escape
python3 -m pytest -m llm_confused_deputy --llm-endpoint=https://api.example.com/chat      # Confused Deputy
python3 -m pytest -m llm_react2shell --llm-endpoint=https://api.example.com/chat          # ReAct2Shell (CVE-2025-55182)
python3 -m pytest -m llm_langchain_injection --llm-endpoint=https://api.example.com/chat  # LangChain Injection
python3 -m pytest -m llm_alignment_faking --llm-endpoint=https://api.example.com/chat     # Alignment Faking
python3 -m pytest -m llm_reward_hacking --llm-endpoint=https://api.example.com/chat       # Reward Hacking
python3 -m pytest -m llm_sycophancy --llm-endpoint=https://api.example.com/chat           # Sycophancy Exploitation
python3 -m pytest -m llm_emoji_attack --llm-endpoint=https://api.example.com/chat         # Emoji Attack
python3 -m pytest -m llm_multilingual_safety --llm-endpoint=https://api.example.com/chat  # Multilingual Safety
python3 -m pytest -m llm_pleak --llm-endpoint=https://api.example.com/chat                # PLeak Extraction
python3 -m pytest -m llm_whisper_leak --llm-endpoint=https://api.example.com/chat         # Whisper Leak
python3 -m pytest -m llm_toxicity --llm-endpoint=https://api.example.com/chat             # Toxicity Scoring
python3 -m pytest -m llm_adversarial_opt --llm-endpoint=https://api.example.com/chat      # Adversarial Optimization
python3 -m pytest -m llm_orchestration --llm-endpoint=https://api.example.com/chat        # Red-Team Orchestration
python3 -m pytest -m llm_crescendo_stateful --llm-endpoint=https://api.example.com/chat   # Stateful Multi-Turn
```
Test Intensity Levels
| Level | Duration | Coverage | Use Case |
|---|---|---|---|
| light | 5-10 min | Basic | Quick assessment |
| medium | 15-25 min | Balanced | Regular testing (default) |
| aggressive | 30-60 min | Thorough | Comprehensive audit |
Project Structure
siteiq/
├── config.py                        # Configuration management
├── conftest.py                      # Pytest fixtures
├── requirements.txt                 # Dependencies
├── README.md                        # This file
├── DEPLOYMENT.md                    # Deployment guide
├── geo.txt                          # SEO/GEO implementation plan
├── payloads/                        # Attack payloads
│   ├── sql_injection.py
│   ├── xss.py
│   ├── directory_traversal.py
│   ├── wordpress.py
│   ├── seo.py                       # SEO test data & thresholds
│   ├── geo.py                       # GEO test data & regions
│   ├── llm.py                       # LLM attack payloads
│   ├── llm_emerging.py              # Emerging LLM threats (2024-2025)
│   ├── api_security.py              # API security payloads
│   ├── secrets.py                   # Secret patterns & paths
│   ├── ssti.py                      # Template injection payloads
│   └── xxe.py                       # XXE injection payloads
├── utils/
│   └── scanner.py                   # Core scanner utilities
├── tests/                           # Test modules
│   ├── test_sql_injection.py
│   ├── test_xss.py
│   ├── test_security_headers.py
│   ├── test_ssl_tls.py
│   ├── test_authentication.py
│   ├── test_wordpress.py
│   ├── test_directory_traversal.py
│   ├── test_csrf_owasp.py
│   ├── test_seo.py                  # SEO analysis tests
│   ├── test_geo.py                  # GEO testing
│   ├── test_llm.py                  # LLM security tests
│   ├── test_api_security.py         # API security tests
│   ├── test_secrets.py              # Secrets detection
│   ├── test_ssti.py                 # Template injection
│   ├── test_subdomain_takeover.py   # Takeover tests
│   └── test_xxe.py                  # XXE injection tests
├── webapp/                          # Web application
│   ├── app.py
│   └── templates/
│       ├── index.html               # Dashboard
│       ├── results.html             # Results page
│       └── help.html                # User guide
└── reports/                         # Generated reports (JSON)
Security Severity Levels
| Level | Description | Action |
|---|---|---|
| CRITICAL | Immediate exploitable risk (SQL injection, RCE) | Fix immediately |
| HIGH | Serious vulnerability (XSS, auth bypass) | Fix within 24-48 hours |
| MEDIUM | Moderate risk (missing headers, weak SSL) | Fix within 1-2 weeks |
| LOW | Minor issue (version disclosure) | Fix when possible |
| INFO | Informational (potential attack surface) | Review and consider |
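An added example (not part of SiteIQ's own code) of gating a CI job on the severity levels above, using the `findings_by_severity` summary from a report in the JSON format shown under Reports. The function names, the `fail_at` threshold and the sample report are assumptions made for illustration; a malformed or inconsistent summary raises an error so the gate fails closed.

```python
import json

# Severity order from the table above, most to least severe.
SEVERITIES = ["critical", "high", "medium", "low", "info"]

# Constructed sample in the README's report shape; the findings list is left
# empty because the README elides the per-finding structure.
SAMPLE_REPORT = json.dumps({
    "target": "https://example.com",
    "timestamp": "2024-01-15T10:30:00",
    "total_findings": 5,
    "findings_by_severity": {"critical": 1, "high": 2, "medium": 1, "low": 1, "info": 0},
    "findings": [],
})


def load_counts(report_text):
    """Parse a report and return per-severity counts, rejecting malformed summaries."""
    report = json.loads(report_text)
    raw = report.get("findings_by_severity")
    if not isinstance(raw, dict):
        raise ValueError("report has no findings_by_severity object")
    unknown = set(raw) - set(SEVERITIES)
    if unknown:
        raise ValueError(f"unknown severity keys: {sorted(unknown)}")
    counts = {}
    for sev in SEVERITIES:
        value = raw.get(sev, 0)
        # bool is an int subclass in Python, so exclude it explicitly.
        if isinstance(value, bool) or not isinstance(value, int) or value < 0:
            raise ValueError(f"bad count for {sev}: {value!r}")
        counts[sev] = value
    # Do not trust a summary that disagrees with the report's own total.
    if sum(counts.values()) != report.get("total_findings"):
        raise ValueError("total_findings does not match findings_by_severity")
    return counts


def gate(report_text, fail_at="high"):
    """Return (exit_code, blocking): blocking holds non-zero counts at or above fail_at."""
    counts = load_counts(report_text)
    cutoff = SEVERITIES.index(fail_at)  # ValueError for an unknown threshold
    blocking = {s: counts[s] for s in SEVERITIES[:cutoff + 1] if counts[s] > 0}
    return (1 if blocking else 0), blocking


if __name__ == "__main__":
    code, blocking = gate(SAMPLE_REPORT)
    print(f"exit={code} blocking={blocking}")
    raise SystemExit(code)
```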
Reports
JSON reports are generated in the reports/ directory:
{
  "target": "https://example.com",
  "timestamp": "2024-01-15T10:30:00",
  "total_findings": 5,
  "findings_by_severity": {
    "critical": 1,
    "high": 2,
    "medium": 1,
    "low": 1,
    "info": 0
  },
  "findings": [...]
}
Legal Disclaimer
IMPORTANT: This tool is intended for authorized security testing only.
- Only test systems you own or have explicit written permission to test
- Unauthorized testing may violate laws and regulations
- The authors are not responsible for misuse of this tool
Documentation
- DEPLOYMENT.md - Full deployment and setup guide
- Web Help - http://localhost:5000/help (when running)
License
MIT License - See LICENSE file for details.




