eyadkelleh

Runs a curated set of SQL injection, command injection, and special-character payloads against your endpoints to surface input-validation gaps before they become incidents.

Finds API keys, credit cards, SSNs, emails, phone numbers, IPs, and other sensitive data in logs, dumps, or code snippets. Flags what shouldn't be visible.

Provides curated password lists from real breaches and common patterns—under 10MB—so you can run credential-stuffing tests without spinning up a massive dataset.

Provides curated lists of common usernames and default credentials for authorized security testing and penetration tests on your infrastructure.

Provides sanitized samples of PHP, ASP, JSP, and Python web shells for testing intrusion detection systems, SIEM rules, and security monitoring without live risk.

Generates safe test payloads — file names, content patterns, and formats — that trigger security tools without causing actual harm. Use to validate your filters work.

Runs a suite of adversarial prompts against Claude to surface bias, data leakage, misalignment, and jailbreak vectors. Produces a report of what breaks and severity.