Migrating from 42Crunch to middleBrick for Few-shot poisoning test

Try middleBrick free

What middleBrick covers

  • Black-box scanning with no agents or SDK integration
  • Risk score A–F with prioritized findings
  • 18 adversarial probes including few-shot poisoning
  • OpenAPI 3.x and Swagger 2.0 parsing with $ref resolution
  • Authenticated scanning with header allowlist
  • Continuous monitoring and diff detection across scans

Overview of migration from 42Crunch to middleBrick

Migrating from 42Crunch to middleBrick for few-shot poisoning tests changes the workflow from managed infrastructure to a scanner that only requires a reachable URL. middleBrick performs black-box scanning without agents, SDKs, or code access and returns a risk score with prioritized findings in under a minute. This approach removes infrastructure maintenance while still surfacing relevant security behaviors, including the prompt injection and data exfiltration probes characteristic of few-shot poisoning.

How few-shot poisoning tests are executed

During a scan, middleBrick runs 18 adversarial probes across three scan tiers: Quick, Standard, and Deep. These probes include few-shot poisoning patterns designed to manipulate model behavior through example-based instructions. The scanner sends read-only methods (GET and HEAD) plus text-only POST for LLM probes and does not execute destructive payloads. Sensitive data is never retained beyond the scan session, and private endpoints are blocked at multiple layers.

Comparing detection and reporting approaches

Where 42Crunch relies on its own runtime instrumentation, middleBrick maps findings directly to OWASP API Top 10 (2023), PCI-DSS 4.0, and SOC 2 Type II controls. The scanner parses OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution and cross-references spec definitions against runtime observations. Reports highlight misconfigurations such as JWT alg=none, missing security schemes, and error leakage, and provide remediation guidance rather than attempting to fix or patch findings.

Authentication and domain verification requirements

Authenticated scanning in middleBrick requires Bearer tokens, API keys, Basic auth, or cookies. Before credentials are accepted, domain verification is enforced through a DNS TXT record or an HTTP well-known file, ensuring only the domain owner can scan with authentication. The scanner forwards a restricted allowlist of headers, including Authorization, X-API-Key, Cookie, and X-Custom-* headers.

Output formats and integration options

Results are available via the Web Dashboard, where scans can be reviewed, score trends tracked, and branded compliance PDFs downloaded. The CLI supports middlebrick scan <url> with JSON or text output, and a GitHub Action can fail builds when the score drops below a defined threshold. An MCP server enables scanning from AI coding assistants, and a programmable API allows custom integrations.

See how middleBrick compares See all use cases

Frequently Asked Questions

Does middleBrick perform active SQL injection or command injection during scans?
No. middleBrick does not perform active SQL injection or command injection, as those require intrusive payloads outside its scope.
Can middleBrick detect business logic vulnerabilities related to few-shot poisoning?
It surfaces findings relevant to few-shot poisoning patterns, but it does not replace a human pentester who understands your domain-specific logic.
Is customer scan data used for model training?
No. Customer data is never sold and is not used for model training. Data is deletable on demand and purged within 30 days of cancellation.
Which frameworks does middleBrick support for API definition analysis?
middleBrick parses OpenAPI 3.0, 3.1, and Swagger 2.0 with recursive $ref resolution.

Related Pages

Tool abuse audit — API securityTool abuse audit: what to check, how to automate it, and how middleBrick covers it.Vendor risk assessment — API securityVendor risk assessment: what to check, how to automate it, and how middleBrick covers it.Webhook receiver hardening — API securityWebhook receiver hardening: what to check, how to automate it, and how middleBrick covers it.Migrate from Detectify to middleBrickWhat changes when you move from Detectify to middleBrick, and how to not lose anything in transit.Migrate from Noname Security to middleBrickWhat changes when you move from Noname Security to middleBrick, and how to not lose anything in transit.Migrate from Salt Security to middleBrickWhat changes when you move from Salt Security to middleBrick, and how to not lose anything in transit.