I Jailbroke Claude Opus/Sonnet 4.6 & Haiku 4.5 with "more+"

AI infrastructure scanner: 120 fingerprints + 50 deep enumerators for LLM runtimes, vector databases, ML model servers, agent platforms, observability stacks, AI safety/guardrails, medical AI, and voice/audio AI. Defender + research tool. Single Go binary, read-only HTTP probes.

Sentinel-driven template extraction for Claude 4.7 — turn the model from a free-form writer into a precise extraction engine. Methodology + live captures + screencasts.

Go toolkit + library: structured adversarial corpora for LLM/RAG safety + quality testing. Prompt injection, KB exfiltration, jailbreak, system-prompt probing. CI/CD-ready.

Unified AI/LLM infrastructure hunt & assessment CLI — orchestrates JAXEN, VisorSD, VisorCorpus, BARE, and aimap

Language Model OSINT Research

Authorization Context Analyzer — a framework for describing code, systems, and behaviors by what they do vs. what they assume the right to do. 14-sample reference corpus spanning malware, supply-chain attacks, ICS, social engineering, and LLM prompt injection.

NuClide findings ledger — ECS-normalized, lifecycle-tracked, append-only SQLite store for AI infrastructure OSINT

Go OPA-based AI infrastructure assessment engine — ScubaGear-style compliance scoring over NuClide findings

Seed-polymorphic reconnaissance engine with environmental contamination detection

Agentic LLM injection benchmark — VisorCorpus payload delivery, VisorSD target discovery, HIT/MISS matrix per vector

Multi-source AI infrastructure discovery for government TLDs — CT logs + Shodan + DNS + Ollama fingerprinting with Mullvad VPN guard

High-performance infrastructure mapping and security recon engine with native gVisor sandboxing and Go Vuln DB integration.

Offline Semantic Exploit Mapping. Single-binary BERT encoder for mapping scans to Metasploit without Python or Torch.

Shodan exposure scanner + adversarial RAG security testing toolkit

Agentic recon CLI: RAG-grounded LLM drives 6 live tools (VisorGraph, aimap, BARE, nuclei, Menlo-hunt, OSV-scan) with every probe sandboxed in gVisor

Process injection detection benchmark: NtMapViewOfSection + WriteProcessMemory, Sysmon pass/fail per event ID

Claude Savant allows unlimited memory.md capacity

JAXEN is a stateful, Go-based reconnaissance framework designed to map modern enterprise attack surfaces. Powered by Shodan + local SQLite DB, it specializes in AI/LLM infrastructure hunting, enterprise gateway enumeration (Menlo Security), continuous diffing, and deep TLS certificate forensics.

Reverse engineering of Amazon's client-side bot detection system. Bytecode VM disassembler, neural network extraction (31→16→16→1), RC4 cookie decryptor, AI agent detection analysis. Responsibly disclosed; confirmed by Amazon.