Each tool stands alone — together they're a complete security testing, simulation, and education platform.
A cybersecurity testing and simulation laboratory. 58+ features across 11 protocol servers, chaos engineering, AI-powered deception, red team automation, and full observability — with a React dashboard, terminal UI, and CLI. Everything you need to build, attack, and observe realistic environments.
HTTP/1.1, HTTP/2, gRPC, WebSocket, Redis, SMTP, MQTT, ICAP, Syslog, TCP/UDP — all running simultaneously with full request reflection and traffic analysis.
Autonomous AI agent that explores targets, selects attack tools, and reports findings. Session-based with configurable iteration limits and tool allowlists.
AI-powered honeypots with fake admin consoles and shell terminals. Tarpit defenses. CPU/memory chaos injection. Supply chain attack simulation. Container escape testing.
React dashboard with real-time SSE, 18-widget terminal UI, Prometheus metrics, PCAP capture, HAR replay, and a CLI with 12 command categories.
A security education and training platform. The Chimera API provides 450+ vulnerable endpoints across 22 industry verticals. Chimera Portals is a dozen web UIs built on that API — guided exploit tours, a code-level vulnerability inspector, WAF attack visualization, and an LLM kill chain tracker. Not toy CTF puzzles — real attack surfaces with real teaching tools.
Step-by-step guided walkthroughs of complete exploit chains. Follow along as attacks unfold across realistic multi-step scenarios.
See exactly where vulnerabilities exist in the code and how to remediate them. Connects attack surface to source with actionable fixes.
Blue team mode powered by Apparatus integration. Visualize attack flows through the system and see how WAF rules block them in real time.
Track and visualize exploit chains targeting LLMs. Prompt injection, jailbreaking, data exfiltration — mapped and explained.
Enterprise-grade attack simulation and compliance engine. Composable scenario chains mapped to MITRE ATT&CK with automated compliance reporting against NIST, CIS, PCI DSS, and HIPAA. Point it at Apparatus + Chimera, or bring your own targets.
Composable attack chains: recon → exploit → escalate → exfil. Custom scenarios or built-in playbooks mapped to MITRE ATT&CK.
Map results to NIST 800-53, CIS Controls, PCI DSS, and HIPAA. Generate audit-ready evidence automatically.
AI-driven scenario generation that adapts attack paths based on discovered vulnerabilities. Finds what static scanners miss.
Executive summaries, technical deep-dives, and remediation roadmaps. Export as PDF, JSON, or pipe to your SIEM.
Each tool works independently. Use Apparatus as a security simulation lab, Chimera to learn offensive security hands-on, or Crucible for enterprise-grade validation.