aimap is a purpose-built scanner for AI and machine learning infrastructure.
Where nmap and nuclei identify that a service is running, aimap identifies
which AI/ML service is running and whether it is exposing data, PII,
credentials, or compute.
-
Unauthenticated Jupyter kernels (RCE)
-
Vector database PII field exposure
-
Flowise credentials endpoint accessibility
-
Ollama open inference endpoints (LLMjacking vector)
-
Dify with unclaimed admin accounts
-
Langfuse instances leaking LLM conversation history
-
MLflow experiments and model registries accessible
-
Weaviate schemas with regulated-data fields
-
ChromaDB collections with PII-indicating names
Fingerprinted services: Weaviate, ChromaDB, Qdrant, Milvus, Ollama, vLLM,
LocalAI, text-generation-webui, MLflow, TensorFlow Serving, Triton
Inference Server, Ray Serve, Ray Dashboard, Kubeflow, LangServe, Flowise,
Dify, Open WebUI, LiteLLM, BentoML, Langfuse, Jupyter Notebook, Docker
Registry.
Dependencies
None. Single statically-linked Go binary. Built with Go stdlib only —
no external Go modules, no system libraries, no runtime dependencies.
License
MIT
Similar tools
None in Kali currently. Generic scanners (nmap, nuclei) can detect HTTP
services on AI-related ports but do not fingerprint them as AI services
specifically, do not perform service-appropriate deep enumeration, and do
not surface findings like "ChromaDB collection with PII field exposed" or
"Jupyter with unauthenticated code execution."
aimap fills a gap that has become significant as AI adoption in
enterprise environments has accelerated. Security teams auditing their
own networks for shadow AI deployments — or bug bounty researchers
testing AI companies within program scope — currently have to chain
together multiple tools and hand-craft detections. aimap provides this
coverage natively.
Why this should be in Kali
AI infrastructure exposure has become a mainstream attack surface:
-
Operation Bizarre Bazaar (disclosed January 2026) documented a
commercial marketplace built on compromised LLM inference servers
across 30+ providers.
-
Pillar Security, Cisco Talos, and UpGuard have all published research
on unauthenticated vector database exposure during 2024-2025.
-
GreyNoise has observed 91,000+ documented attack sessions targeting
AI/ML services on Shodan-indexed infrastructure.
-
The OWASP LLM Top 10 now formalizes several of these exposure classes.
Kali currently lacks any tool specifically designed for AI
infrastructure reconnaissance. aimap is a natural addition alongside
nmap, nuclei, and masscan in the /auditing category.
Usage examples
Shadow-AI audit of internal network
aimap -target 10.0.0.0/24 -threads 50 -o audit.json
Single-host deep dive with wide port coverage
aimap -target 10.5.5.5 -v -ports 8000,8080,8888,9091,11434,6333,19530
CI/CD deployment gate
aimap -target $DEPLOY_URL -o check.json && \
jq '.enum_results[] | select(.risk_level == "critical")' check.json
External exposure check against your own public ranges
aimap -list corp-public-ips.txt -threads 10 -timeout 10s -o external.json
Technical details
-
Single Go binary (~5MB statically linked, prebuilt for linux+darwin amd64+arm64)
-
Read-only HTTP GETs only (no writes, no auth attempts, no exploits)
-
3-phase pipeline: port scan → service fingerprint → deep enumeration
-
JSON output with stable schema for pipeline integration
-
Colored terminal output with risk scoring
-
CIDR support, threaded scanning, configurable timeouts
-
Man page included (aimap.1)
-
BlackArch PR pending: https://github.com/BlackArch/blackarch/pull/4912
Build
go install github.com/Nicholas-Kloster/aimap@latest
Or from source:
git clone https://github.com/Nicholas-Kloster/aimap.git
cd aimap
go build -o aimap .
Or download a prebuilt binary:
curl -LO https://github.com/Nicholas-Kloster/aimap/releases/download/v1.1.1/aimap-linux-amd64
chmod +x aimap-linux-amd64
sudo mv aimap-linux-amd64 /usr/local/bin/aimap
Tested on: Go 1.21+ / Ubuntu 22.04, 24.04 / Arch / Kali Linux rolling
Author / contact
Nicholas Kloster (NuClide)
GitHub: https://github.com/Nicholas-Kloster
Issues: https://github.com/Nicholas-Kloster/aimap/issues
