Scanner

May 14, 2026 ยท View on GitHub

An open-source web application for AI model security assessments, built with Ruby on Rails and NVIDIA garak. Scanner helps organizations test their AI systems for vulnerabilities before deployment โ€” similar to penetration testing for traditional software.

๐Ÿ“– Full documentation โ†’

0DIN Scanner

Features

  • 179 community probes across 35 vulnerability families, aligned with the OWASP LLM Top 10
  • Multi-target scanning โ€” test API-based LLMs and browser-based chat UIs
  • Scheduled and on-demand scans with configurable recurrence
  • Attack Success Rate (ASR) scoring with trend tracking across scan runs
  • Live Activity Stream โ€” monitor queued and running scans with database-backed execution-log tails and final report logs
  • PDF report export with per-probe, per-attempt drill-down
  • SIEM integration โ€” forward results to Splunk or Rsyslog
  • Multi-tenant โ€” multiple organizations on a single deployment, data encrypted at rest
  • No artificial limits โ€” all features unlocked, unlimited scans and users

Community & Enterprise

Join the community, share feedback, or talk to us about a turn-key SaaS deployment โ€” everything lives on the Scanner landing page.

Quick Start

curl -sL https://raw.githubusercontent.com/0din-ai/ai-scanner/main/scripts/install.sh | bash

Or manually:

curl -O https://raw.githubusercontent.com/0din-ai/ai-scanner/main/dist/docker-compose.yml
curl -O https://raw.githubusercontent.com/0din-ai/ai-scanner/main/.env.example
cp .env.example .env
# Edit .env: set SECRET_KEY_BASE (openssl rand -hex 64), POSTGRES_PASSWORD, and ADMIN_INITIAL_PASSWORD
docker compose up -d

Open http://localhost and log in with admin@example.com and the ADMIN_INITIAL_PASSWORD value from your .env file. Change the initial password immediately.

See the Quick Start guide for full instructions including port configuration, first scan walkthrough, and troubleshooting.

Documentation

Quick StartGet running in minutes
First ScanRun your first scan with the built-in Mock LLM
User GuideTargets, scanning, reports, probes, integrations
DeploymentProduction deployment, TLS, database configuration
DevelopmentDev setup, architecture, extension points
TroubleshootingCommon issues and solutions

Contributing

See CONTRIBUTING.md for development setup, branch conventions, and the PR process.

To report a security vulnerability, see SECURITY.md.

License

This project is licensed under the Apache License 2.0. See LICENSE for details.