AI-native · Self-hosted · Offensive security

Your AI security assistant. Self-hosted. Provably local.

Nullsid turns raw scanner output into client-ready reports — ingest findings, correlate, score, and draft — entirely on your hardware. Local inference by default. No cloud, no API keys, no data leaving your network.

Zero outbound traffic Verifiable by packet capture Runs on your infrastructure

Your security data has no business
living in someone else's cloud.

Whether you're a consulting firm under NDA or an internal security team under policy, your findings — AD topology, credentials, vulnerabilities — are regulated. Yet every "AI security tool" wants you to upload them to its API.

Cloud AI security tools

"Upload your findings to our API and let our AI handle the rest." Client data leaves your machine. You hand NDA-protected material to a third party with no control over retention, training, or breach exposure. POST /api/analyze is a compliance liability.

Cloud agentic platforms

"Autonomous AI pentesting, in our cloud, at enterprise scale." $450/month or an enterprise contract. No local option, no flat pricing, no self-hosting. Your tooling lives in someone else's infrastructure, phoning home to their servers.

An AI security assistant
that runs on your hardware.

Nullsid is self-hosted, not a cloud API. Local inference is the default, not an afterthought. Bring your own key for frontier models if you want — it's never required, and nothing leaves your network unless you say so.

Reporting

Scanner output to client-ready report

Import from Burp, Nmap, Nuclei, Nessus, Semgrep, or plain notes. Nullsid parses, deduplicates, correlates, scores CVSS 3.1, drafts descriptions and remediation, and generates an executive summary — then exports a branded PDF or DOCX. All offline, all local.

# Supported parsers
  Burp      → XML import
  Nmap      → XML output
  Nuclei    → JSON
  Nessus    → .nessus
  Semgrep   → SARIF
  Notes     → Markdown / plain
─────────────────────────
  Output    → PDF / DOCX
  Templates → Custom branding
  Inference → Llama-class (local)
Provably local

Zero outbound. Verifiable. Always.

A built-in network monitor shows real-time outbound traffic during processing. Export a packet capture as proof for your client: their data never left the machine. Every AI capability — reporting, validation, assessment — runs on your hardware. No cloud, no calls home.

Nullsid — network monitor
━━━━━━━━━━━━━━━━━━━━━━━━━━━
  Outbound     0 B/s
  Inbound      0 B/s (idle)
  DNS queries  0
  API calls    0
━━━━━━━━━━━━━━━━━━━━━━━━━━━
  STATUS: PROVABLY LOCAL
  → export .pcap proof for client

From scanner output to
signed-off report.

Three steps, all on your machine. Nullsid does the mechanical work — parsing, correlation, first-draft prose — and hands you a report to review, not a black box to trust.

1
Step 01 — Import

Drop in your findings

Load output from Burp, Nmap, Nuclei, Nessus, or Semgrep — or paste plain notes. Nullsid normalizes everything into one findings model and deduplicates across tools.

2
Step 02 — Correlate & draft

Local AI does the heavy lifting

The assistant correlates related findings, scores CVSS 3.1, and drafts descriptions, remediation, and an executive summary. Every draft is editable inline — you stay in control.

3
Step 03 — Export

Branded, ready to deliver

Generate a branded PDF or DOCX from your own template. Attach a packet capture proving the engagement data never left your hardware.

Self-hosted · No credentials required

Your AI security assistant.
On your hardware.

Nullsid is in early access. Join the waitlist for local, self-hosted AI report generation. No spam, no cloud, no identity required.

No spam. One update when early access opens.