Agentic Defense Matrix · Live
⚔️ ADM Battle Console
Autonomous red-team vs. blue-team battles running against the live gateway — real attacks, real blocks, streamed as they happen.
Connecting…
Attacks–
Block rate–
Detection rate–
Landed–
Remediations–
MTTR–
Residual risk–
Blocked / Landed–
Live battle feed
Waiting for battle events…
By technique
BlockedLanded
Loading…
System status
Checking services…
LLM providers
Checking…
Recent sessions
TechniqueTargetAttackRemediation
No sessions yet.
Red-team attack matrix (30 techniques)
| ID | Attack | Technique |
|---|---|---|
| RT-001 | Prompt Injection | Indirect injection via RAG context |
| RT-002 | Tool Chaining | read_secret → external_send chain |
| RT-003 | RAG Poisoning | Inject malicious URLs into knowledge base |
| RT-004 | Reverse Shell | bash -i >& /dev/tcp/... via tool call |
| RT-005 | Confused Deputy | Trick agent into privilege escalation |
| RT-006 | Token Theft | Replay captured JWT |
| RT-007 | Egress Exfiltration | DNS tunnel / HTTP POST to external |
| RT-008 | Container Escape | Mount host filesystem attempts |
| RT-009 | Rate Abuse | 1000 req/min automated probing |
| RT-010 | State Drift | Modify agent context mid-session |
| RT-011 | LLM Supply Chain | Compromised Ollama model |
| RT-012 | Log Injection | Crafted payloads in user input |
| RT-013 | TOCTOU Race | Race condition in policy check |
| RT-014 | DNS Rebinding | Bypass egress filter via DNS |
| RT-015 | Privilege Escalation | Exploit Watchdog → root |
| RT-016 | Indirect Tool Output | Inject malicious instructions in tool output |
| RT-017 | Multi-Turn Context | Build trust then exploit across turns |
| RT-018 | Encoding Injection | Base64/hex encoded payloads |
| RT-019 | Multi-Language | Injection in multiple languages |
| RT-020 | Nested Injection | Nested system/user/assistant markers |
| RT-021 | Social Engineering | Fake admin/emergency commands |
| RT-022 | Payload Obfuscation | Variable splitting, concatenation |
| RT-023 | Supply Chain | Malicious package installation |
| RT-024 | Time-Based | Delayed trigger injection |
| RT-025 | Resource Exhaustion | Large payloads, concurrent requests |
| RT-026 | Memory Poisoning | Poison agent conversation memory |
| RT-027 | Cross-Session | Contaminate other sessions |
| RT-028 | Token Extraction | Extract API keys/tokens |
| RT-029 | Denial of Service | Excessive token generation |
| RT-030 | Side Channel | Data exfiltration via encoding |
Endpoints
Or append ?api=…&gw=… to the URL.