garak is NVIDIA's open-source tool for LLM red-teaming and vulnerability scanning. Named after the deceptive Star Trek character, it systematically probes AI models for security weaknesses, biases, and failure modes.

The tool runs automated attack sequences including prompt injection attempts, jailbreak patterns, data extraction probes, encoding-based bypasses, toxicity elicitation, hallucination triggers, and dozens of other vulnerability categories drawn from AI security research.

A modular architecture separates probes (attack generators), detectors (vulnerability identifiers), and generators (target model interfaces). This makes it extensible — researchers and security teams can add custom attack patterns specific to their applications.

garak works with any LLM endpoint including OpenAI, Anthropic, Hugging Face models, and local deployments. It generates detailed vulnerability reports scoring each model across attack categories, enabling systematic comparison of model security postures before deployment.

garak

Pricing

Platforms

Categories

Tags

Use Cases

Alternatives

MCP-Scan

DeepTeam

Comparisons

Shannon vs Garak — AI Penetration Tester vs LLM Vulnerability Scanner

ps-fuzz vs Garak vs NeMo Guardrails — Prompt Injection Testing & LLM Security Tools Compared

Shannon

osv-scanner

ModelScan vs LLM Guard vs Garak — AI Model Security Comparison

Lakera vs garak — LLM Security Tool Comparison