Every defence has a blind spot. ECLIPSE finds it. Comprehensive AI security coverage analysis and bypass testing across all defensive layers. Ten specialised subsystems systematically identify gaps in WAFs, API gateways, AI guardrails, and runtime enforcement. Cryptographic evidence. OWASP Agentic Top 10. MITRE ATLAS.
Organisations deploy multiple AI security layers without any systematic way to test what those defences actually stop. Every vendor claims comprehensive protection. None of them have been tested together under adversarial conditions. ECLIPSE maps every defensive layer and identifies exactly where attackers walk straight through.
Security teams deploy WAFs, guardrails, API gateways and runtime enforcement without knowing which attack vectors they actually block. ECLIPSE runs comprehensive coverage analysis across every layer and tells you exactly what's protected and what isn't.
Attackers don't follow documentation. They find the gaps between defensive layers — the requests that slip past WAF rules but bypass guardrail logic, the API calls that evade gateway policies while tripping runtime monitors. ECLIPSE probes every seam.
Every vendor tests their own solution in isolation. Nobody tests how Cloudflare, Lakera, Kong, and NeMo interact under a real attack. ECLIPSE is vendor-agnostic, systematic, and tests the combination — not just the individual components.
Penetration testing findings are only as good as the evidence behind them. ECLIPSE's FLARE subsystem captures tamper-evident cryptographic evidence of every bypass attempt and success, building a forensic record that holds up under scrutiny.
OWASP Agentic Top 10 and MITRE ATLAS define the attack surface. Security teams have no systematic way to measure coverage against these frameworks. ECLIPSE's SPECTRA subsystem maps every finding directly to the relevant framework techniques.
Choosing between AI security vendors requires objective comparison data. Vendor demos are biased by design. ECLIPSE's PARALLAX subsystem provides objective comparative analysis — same test, same target, same conditions, side by side.
ECLIPSE is built from ten specialised subsystems that cover the complete AI defence stack. From initial reconnaissance through WAF bypass, guardrail defeat, runtime evasion, vendor analysis, cryptographic evidence, and final reporting — every phase is real HTTP connections and genuine analysis. No placeholders.
Comprehensive reconnaissance of defensive layers protecting AI systems. Maps WAFs, CDNs, API gateways, rate limiters, and all security controls through fingerprinting and signature analysis.
AI-powered bypass strategy planner. Analyses SHADOW's reconnaissance data, prioritises attack vectors by success probability, and builds multi-step bypass chains.
Specialist WAF and edge protection bypass engine targeting Cloudflare, Akamai, AWS WAF, and Fastly with platform-specific evasion techniques.
API gateway penetration for Kong, Apigee, AWS API Gateway, and Azure APIM. Targets authentication bypass, rate limit circumvention, and request validation evasion.
AI safety system and guardrail defeat engine. Targets content policies, jailbreak detection, and safety classifiers across major commercial AI guardrail platforms.
Behavioural analysis and runtime enforcement evasion through traffic obfuscation, pattern mimicking, and stealth persistence techniques.
Maps all findings against OWASP Agentic Top 10 and MITRE ATLAS, identifying coverage gaps and producing framework-aligned assessment reports.
Objective comparative analysis across multiple AI security vendors. Same tests, same conditions, side-by-side effectiveness scoring and benchmark reporting.
Tamper-evident cryptographic evidence capture for all testing activities. SHA-256 hash chains with RSA signatures build a forensic record that survives legal scrutiny.
Synthesises all subsystem findings into comprehensive reports. Executive summaries, technical findings, framework mapping, and remediation guides in a single output.
ECLIPSE runs as a clean CLI tool. Reconnaissance mode requires no authorisation. Analysis mode adds active testing. Full engagement mode unlocks destructive bypass testing and requires UNLEASHED cryptographic authorisation.
$ eclipse scan --target https://api.target.com --mode recon [INFO] ECLIPSE Engine v1.0.0 — 10 subsystems loaded [INFO] Running SHADOW — Defensive layer discovery [INFO] Running SPECTRA — Coverage gap analysis [INFO] Running FLARE — Cryptographic evidence capture [INFO] Running TOTALITY — Report generation WAF detected: Cloudflare (confidence: 0.94) API gateway: AWS API Gateway (confidence: 0.87) Coverage gaps identified: 4 OWASP Agentic Top 10 vectors
$ eclipse scan --target https://api.target.com --mode analysis [INFO] Running SHADOW, PRISM, CORONA, UMBRA, PENUMBRA, VEIL [INFO] Running SPECTRA, PARALLAX, FLARE, TOTALITY CORONA: Cloudflare bypass via parameter pollution — SUCCESS (confidence: 0.71) PENUMBRA: NeMo Guardrails — context reconstruction bypass — SUCCESS Risk score: 83.4 / 100 — CRITICAL Vulnerabilities found: 9 | Critical: 3 | High: 4 | Medium: 2
$ eclipse unleashed create-scope --targets https://api.target.com --days 7 [INFO] Scope signed with Ed25519. Expires: 2026-04-08. $ eclipse scan --target https://api.target.com --mode full --override --confirm-destroy UNLEASHED gate cleared. All 10 subsystems active. CORONA: Full origin server bypass — SUCCESS UMBRA: AWS API Gateway auth bypass — SUCCESS Full engagement report: results.json | evidence.flare
ECLIPSE's 10 subsystems execute in a defined assessment pipeline. Each phase feeds the next. PRISM coordinates strategy across all bypass subsystems. Every execution generates cryptographic evidence through FLARE.
FLARE captures tamper-evident evidence of every test, every bypass, every finding. SHA-256 hash chains with RSA signatures. Every engagement generates a forensic record that holds up under legal and regulatory scrutiny.
SHA-256 chained hashes across every log entry. Any tampering breaks the chain and is immediately detectable.
RSA signatures on all evidence packages. Verify authenticity and integrity without access to the original session.
Chronological reconstruction of every test activity. Precise timestamps. Full audit trail from scan start to report generation.
Complete technical and procedural documentation. Request/response capture. Headers. Status codes. Response bodies. All cryptographically secured.
Standard mode runs reconnaissance only. --override adds active bypass testing. --override --confirm-destroy unlocks full destructive engagement. Ed25519 crypto. Dual-gate safety. One operator key. Every execution cryptographically logged.
Reconnaissance only. SHADOW and SPECTRA active. Maps defensive layers, identifies coverage gaps, classifies targets. No bypass attempts. No modification. Reports and evidence only.
Active bypass testing unlocked. CORONA, UMBRA, PENUMBRA, VEIL activated. Safe payloads only. Tests bypass viability without full exploitation. Ed25519 authorisation required.
Full destructive engagement. All bypass subsystems at maximum capability. Real exploitation. Complete evidence chain. Every finding verified live. Ed25519 dual-gate required.
THIS TOOL IS FOR AUTHORISED SECURITY TESTING ONLY. EVERY EXECUTION IS SIGNED AND LOGGED.
ECLIPSE performs active bypass testing against AI security implementations. It is intended for authorised penetration testing and security assessments ONLY. Unauthorised use is illegal and unethical. Always obtain written authorisation and define clear scope before running any assessment. Every engagement is cryptographically signed, timestamped, and logged by FLARE. There is no plausible deniability.
10 subsystems. WAF bypass. API gateway penetration. Guardrail defeat. Runtime evasion. OWASP Agentic Top 10. MITRE ATLAS. Cryptographic evidence. Tool 43 of NIGHTFALL.