Alternatives to 42Crunch for Model information disclosure check

What middleBrick covers

  • Black-box scanning with no agents or SDK integration required
  • LLM adversarial probes for system prompt and instruction leakage
  • OpenAPI 3.x and Swagger 2.0 parsing with $ref resolution
  • Authenticated scans with strict header allowlist
  • Continuous monitoring with diff detection and alerts
  • CI/CD integration via GitHub Action and MCP Server support

Purpose and scope for model information disclosure checks

This tool focuses on identifying how an API may unintentionally expose model internals, instructions, or training data through its runtime behavior. The scan is black-box, requiring no code or agent access, and completes in under a minute. It sends read-only requests such as GET and HEAD, with text-only POST used only for LLM probes.

Detection coverage aligned to OWASP API Top 10

The scanner maps findings to OWASP API Top 10 (2023) and covers areas relevant to model information disclosure. Detection includes:

  • LLM / AI Security: 18 adversarial probes across Quick, Standard, and Deep tiers, targeting system prompt extraction, instruction override, DAN and roleplay jailbreaks, data exfiltration, cost exploitation, encoding bypasses, translation-embedded injection, few-shot poisoning, markdown injection, multi-turn manipulation, indirect prompt injection, token smuggling, tool-abuse, nested instruction injection, and PII extraction.
  • Input Validation: detection of CORS wildcard (with and without credentials), dangerous HTTP methods, and debug endpoints that may aid prompt injection or data leakage.
  • Data Exposure: identification of PII patterns such as email addresses, Luhn-validated card numbers, context-aware SSNs, and API key formats including AWS, Stripe, GitHub, and Slack that may indicate model service keys.
  • Authentication and Security Headers: multi-method bypass checks, JWT misconfigurations including alg=none and expired tokens, and compliance with WWW-Authenticate headers.
  • Server fingerprinting and inventory management findings, such as missing versioning and legacy path patterns, that can reveal stack or model-serving infrastructure.
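The Data Exposure item above describes pattern-based detection of PII and credential formats in responses, with a Luhn check and context awareness to cut false positives. The following is an added illustration of that approach, not middleBrick's own code: the regexes for AWS, Stripe, GitHub and Slack key formats and the 40-character SSN context window are assumptions for the example, and the response body is constructed.

```python
import json
import re
from dataclasses import dataclass


@dataclass
class Finding:
    kind: str
    value: str
    offset: int


def luhn_valid(digits: str) -> bool:
    """Luhn checksum; rejects digit runs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = ord(ch) - 48
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


# Illustrative key-format patterns (assumptions, not the scanner's rules).
PATTERNS = {
    "email": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    # 13-19 digits with optional space/dash separators; Luhn-checked below
    "card": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "aws_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "stripe_key": re.compile(r"\bsk_(?:live|test)_[0-9A-Za-z]{24,}\b"),
    "github_token": re.compile(r"\bghp_[0-9A-Za-z]{36}\b"),
    "slack_token": re.compile(r"\bxox[abpr]-[0-9A-Za-z-]{10,}\b"),
}
SSN_CONTEXT = re.compile(r"ssn|social|security")


def find_exposures(body: str) -> list[Finding]:
    """Scan a response body and return validated PII / credential findings."""
    findings = []
    for kind, pattern in PATTERNS.items():
        for m in pattern.finditer(body):
            value = m.group(0)
            if kind == "card" and not luhn_valid(re.sub(r"[ -]", "", value)):
                continue            # random 16-digit reference, not a card
            if kind == "ssn":
                # context-aware: only flag when nearby text names an SSN field
                context = body[max(0, m.start() - 40):m.start()].lower()
                if not SSN_CONTEXT.search(context):
                    continue
            findings.append(Finding(kind, value, m.start()))
    return findings


# Constructed response body standing in for an API's runtime output.
SAMPLE_RESPONSE = json.dumps({
    "user": {"email": "jane.doe@example.com", "ssn": "123-45-6789"},
    "payment": {"card": "4111 1111 1111 1111", "ref": "1234 5678 9012 3456"},
    "debug": {"aws_access_key_id": "AKIAIOSFODNN7EXAMPLE", "phone": "555-01-2345"},
})


if __name__ == "__main__":
    for f in find_exposures(SAMPLE_RESPONSE):
        print(f"{f.kind:12} at {f.offset:4}: {f.value}")
```

On the constructed body the `ref` value fails the Luhn check and the `phone` value lacks SSN context, so only the email, the card, the SSN and the AWS key are reported.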

Authenticated scanning and safety controls

Authenticated scanning is available starting with the Starter tier and supports Bearer, API key, Basic auth, and Cookie credentials. Domain verification is enforced through DNS TXT records or an HTTP well-known file, ensuring only the domain owner can scan with credentials. The scanner uses a strict header allowlist: Authorization, X-API-Key, Cookie, and X-Custom-* headers. All scanning is read-only, with destructive payloads never sent. Private IPs, localhost, and cloud metadata endpoints are blocked at multiple layers. Customer data can be deleted on demand and is purged within 30 days of cancellation.
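Two of the safety controls in this paragraph, the credential header allowlist and the block on private, loopback and cloud-metadata targets, are shown below as an added example of how a scanner operator might implement them. This is not middleBrick's code; the blocked hostname list, the CGNAT range and the "refuse ambiguous numeric hosts" rule are assumptions made for the example.

```python
import ipaddress
import re

ALLOWED_HEADERS = {"authorization", "x-api-key", "cookie"}
ALLOWED_PREFIX = "x-custom-"
# Assumed name-level blocklist; IMDS addresses are caught by the range check.
BLOCKED_HOSTNAMES = {"localhost", "localhost.localdomain", "metadata.google.internal"}
CGNAT = ipaddress.ip_network("100.64.0.0/10")
NUMERIC_HOST = re.compile(r"(?:0x[0-9a-f]+|\d+)(?:\.(?:0x[0-9a-f]+|\d+))*")


def filter_headers(headers: dict) -> dict:
    """Keep only allowlisted credential headers; drop everything else
    (Host, X-Forwarded-For, ...) so the scanner cannot be used as a proxy."""
    kept = {}
    for name, value in headers.items():
        lower = name.lower()
        if lower in ALLOWED_HEADERS or lower.startswith(ALLOWED_PREFIX):
            kept[name] = value
    return kept


def is_blocked_address(addr) -> bool:
    """True for loopback, RFC 1918, link-local (169.254.169.254 IMDS),
    CGNAT, unspecified, multicast and reserved addresses."""
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped          # ::ffff:127.0.0.1 is still loopback
    return (addr.is_loopback or addr.is_private or addr.is_link_local
            or addr.is_unspecified or addr.is_multicast or addr.is_reserved
            or addr in CGNAT)


def is_blocked_target(host: str) -> bool:
    """Layer 1: check the host string the user supplied, before any DNS."""
    h = host.strip().lower().rstrip(".").strip("[]")
    if h in BLOCKED_HOSTNAMES:
        return True
    try:
        return is_blocked_address(ipaddress.ip_address(h))
    except ValueError:
        pass
    # Decimal (2130706433), hex (0x7f000001) and leading-zero forms are
    # rejected by ipaddress but accepted by OS resolvers: refuse, don't guess.
    return NUMERIC_HOST.fullmatch(h) is not None


def any_resolved_blocked(addresses: list[str]) -> bool:
    """Layer 2: apply the same check to every address the hostname resolves
    to (and again on every redirect hop), since DNS can point anywhere."""
    return any(is_blocked_address(ipaddress.ip_address(a)) for a in addresses)


if __name__ == "__main__":
    print(filter_headers({"Authorization": "Bearer t", "X-Forwarded-For": "1.2.3.4"}))
    for target in ("169.254.169.254", "api.example.com", "2130706433", "[::1]"):
        print(target, "blocked" if is_blocked_target(target) else "allowed")
```

The two layers matter together: a name that passes the first check can still resolve to 127.0.0.1 or 169.254.169.254, which is why the resolved addresses are checked before any request is sent.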

OpenAPI analysis and continuous monitoring

The scanner parses OpenAPI 3.0, 3.1, and Swagger 2.0 documents with recursive $ref resolution, cross-referencing spec definitions against runtime findings to highlight undefined security schemes, sensitive fields, deprecated operations, and missing pagination. For ongoing visibility, the Pro tier provides scheduled rescans every 6 hours, daily, weekly, or monthly. It detects diffs between scans, including new findings, resolved findings, and score drift, and supports email alerts rate-limited to one per hour per API. Webhook deliveries are signed with HMAC-SHA256, and a webhook endpoint is automatically disabled after 5 consecutive delivery failures.
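The monitoring features in this paragraph, diffing two scans and delivering the result over an HMAC-SHA256 signed webhook with auto-disable, are illustrated below from the receiving side. This is an added example, not middleBrick's code: the finding identity (rule + method + path), the header names, the timestamp-in-MAC scheme and the 5-minute tolerance are assumptions, and both scan results are constructed.

```python
import hashlib
import hmac
import json
import time


def finding_key(f: dict) -> str:
    # Assumption: a finding is identified by rule, method and path.
    return f"{f['rule']}|{f['method']}|{f['path']}"


def diff_scans(previous: dict, current: dict) -> dict:
    """New findings, resolved findings and score drift between two scans."""
    before = {finding_key(f): f for f in previous["findings"]}
    after = {finding_key(f): f for f in current["findings"]}
    return {
        "new_findings": [f for k, f in after.items() if k not in before],
        "resolved_findings": [f for k, f in before.items() if k not in after],
        "score_drift": current["score"] - previous["score"],
    }


def sign_webhook(secret: bytes, timestamp: int, body: bytes) -> str:
    # The MAC covers the timestamp too, so a captured delivery cannot be
    # replayed later under a fresh timestamp.
    msg = str(timestamp).encode() + b"." + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def build_delivery(secret: bytes, diff: dict, timestamp: int) -> dict:
    """Sender side: canonical JSON body plus assumed signature headers."""
    body = json.dumps(diff, sort_keys=True).encode()
    return {
        "headers": {
            "X-Webhook-Timestamp": str(timestamp),
            "X-Webhook-Signature": "sha256=" + sign_webhook(secret, timestamp, body),
        },
        "body": body,
    }


def verify_webhook(secret: bytes, timestamp: int, body: bytes,
                   signature_header: str, now=None, tolerance: int = 300) -> bool:
    """Receiver side: reject stale timestamps, then compare in constant time."""
    now = time.time() if now is None else now
    if abs(now - timestamp) > tolerance:
        return False
    scheme, _, hexsig = signature_header.partition("=")
    if scheme != "sha256":
        return False
    expected = sign_webhook(secret, timestamp, body)
    return hmac.compare_digest(expected, hexsig)


class WebhookEndpoint:
    """Counts consecutive failures; disabled once `limit` is reached."""

    def __init__(self, url: str, limit: int = 5):
        self.url = url
        self.limit = limit
        self.consecutive_failures = 0
        self.enabled = True

    def record(self, delivered: bool) -> bool:
        if delivered:
            self.consecutive_failures = 0
        else:
            self.consecutive_failures += 1
            if self.consecutive_failures >= self.limit:
                self.enabled = False
        return self.enabled


# Constructed scan results for the example.
PREVIOUS_SCAN = {"score": 82, "findings": [
    {"rule": "cors-wildcard", "method": "GET", "path": "/v1/models"},
    {"rule": "debug-endpoint", "method": "GET", "path": "/debug"},
]}
CURRENT_SCAN = {"score": 74, "findings": [
    {"rule": "cors-wildcard", "method": "GET", "path": "/v1/models"},
    {"rule": "system-prompt-leak", "method": "POST", "path": "/v1/chat"},
]}


if __name__ == "__main__":
    secret = b"constructed-shared-secret"
    delivery = build_delivery(secret, diff_scans(PREVIOUS_SCAN, CURRENT_SCAN), 1_700_000_000)
    print(delivery["headers"], delivery["body"].decode(), sep="\n")
```

The receiver must verify over the raw request bytes, not a re-serialized copy of the parsed JSON, and use hmac.compare_digest rather than == so that signature comparison does not leak timing information.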

Integration options and pricing tiers

You can interact with the scanner through multiple channels. The CLI, available as an npm package, supports commands such as middlebrick scan <url> with JSON or text output. The web dashboard enables scanning, report viewing, score trend tracking, and branded compliance PDF downloads. A GitHub Action can gate CI/CD, failing builds when scores drop below a set threshold. The MCP Server allows scanning from AI coding assistants like Claude and Cursor. The API client supports custom integrations. Pricing includes a free tier with 3 scans per month, Starter at 15 APIs, Pro at 100 APIs with continuous monitoring and GitHub Action gates, and Enterprise with unlimited APIs, custom rules, SSO, and audit logs.

Frequently Asked Questions

What does the scanner check related to model information disclosure?
It runs LLM-specific probes to identify system prompt extraction, instruction override attempts, and encoding bypasses, while also checking for data exposure through error messages and leaked API keys.
Can authenticated scans be performed?
Yes, authenticated scanning is supported with Bearer, API key, Basic auth, and Cookie credentials, provided domain ownership is verified.
Does the tool actively exploit vulnerabilities?
No. The scanner detects and reports findings with remediation guidance; it does not perform active SQL injection, command injection, or modify the target.
How are findings mapped to compliance frameworks?
Findings map directly to OWASP API Top 10 (2023). The tool uses alignment language when discussing other frameworks.
What happens to scan data after cancellation?
Customer scan data is deletable on demand and is purged within 30 days of cancellation. It is never sold or used for model training.