9 shipped projects at every layer of the stack. Every project ships FINDINGS.md with demonstrated results.
Agent Security Red-Team Framework
Systematic red-teaming of autonomous AI agents. 7 attack classes (5 not in OWASP/MITRE), 19 scenarios, 100% success with reasoning chain hijacking against default-configured agents. Tested on LangChain + CrewAI. Cost: ~$2 in API tokens.
RL Agent Vulnerability Framework
RL-specific attacks on autonomous agents. 4 attack classes, 2 custom Gymnasium environments, 40 trained agents including a transformer policy. Observation perturbation degrades agents 20-50x more than reward poisoning. Mapped to 7 of the 10 OWASP Agentic risks.
Model Behavioral Fingerprinting
Unsupervised backdoor detection for ML models. 6 anomaly detectors × 5 representations = 30-combination benchmark plus contrastive learning. Behavioral fingerprinting detects what static analysis misses.
Adversarial ML on Network Intrusion Detection
Adversarial evaluation of ML-based IDS with an analysis of which features the attacker actually controls. 57 attacker-controllable vs 14 defender-observable features. Restricting the model to features the attacker cannot control reduces attack success by 35%.
ML-Powered Vulnerability Prioritization
Predicting real-world CVE exploitability. Trained on 338K CVEs. Outperforms CVSS by +24pp AUC. SHAP explainability reveals vendor history and CVE age matter more than severity score.
AI Supply Chain Security Scanner
Static analysis scanner for ML project dependencies. 20 findings across 5 real projects (13 CRITICAL). Detects unsafe deserialization, known CVEs in ML libraries, and supply chain risks.
Financial Anomaly Detection
Fraud detection with CFA-domain features. XGBoost AUC 0.987. CFA features capture 91% of the ML signal. System-controlled features alone provide an 81% adversary-resistant performance floor.
PQC Migration Analyzer
Post-quantum cryptography migration tool. 21K crypto-related CVEs scanned. ML scorer adds +14pp vs baseline. 70% of vulnerable crypto is in dependencies, not your code.
govML
Governance framework for ML projects. 50+ templates, 10 profiles, 20+ generators. Contract-driven reproducibility used across all of the above. 469+ tests. Internal tooling — the engine behind every project on this page.