AI / LLM Red Team Field Manual & Consultant's Handbook
A complete operational toolkit for conducting AI/LLM red team assessments on Large Language Models, AI agents, RAG pipelines, and AI-enabled applications.
Quick Start
# Clone the repository
git clone https://github.com/shiva108/ai-llm-red-team-handbook.git
cd ai-llm-red-team-handbook
# Manual testing: Open docs/AI_LLM Red Team Field Manual.md
# Automated testing:
cd scripts
pip install -r requirements.txt
python runner.py --config config.py
📖 Detailed setup: See Configuration Guide
Repository Contents
| Resource | Description |
|---|---|
| Field Manual | Compact operational reference with attack prompts, tooling, OWASP/MITRE mappings |
| Handbook | Full consultancy guide with methodology, threat modeling, RoE/SOW templates |
| Building AI Red Teams | Strategic guide for building security teams |
| Report Template | Client-ready assessment report template |
| Python Framework | Automated testing suite for prompt injection, jailbreaks, data leakage, tool misuse |
Prerequisites
Manual Testing: Any text editor + target LLM access
Automated Testing:
- Python 3.8+
- Dependencies:
requests,pytest,pydantic,python-dotenv - API credentials for target LLM
Python Testing Framework
Test Suites
test_prompt_injection.py- Automated prompt injection attackstest_safety_bypass.py- Jailbreak and guardrail bypass teststest_data_exposure.py- Data leakage and PII extractiontest_tool_misuse.py- Function-calling and plugin abusetest_fuzzing.py- Adversarial input fuzzingtest_integrity.py- Model integrity and consistency
Configuration
Create scripts/.env:
API_ENDPOINT=https://api.example.com/v1/chat/completions
API_KEY=your-secret-api-key
MODEL_NAME=gpt-4
Run tests:
python runner.py # All tests
python runner.py --test prompt_injection # Specific test
python runner.py --verbose # Verbose output
📖 Full configuration options: Configuration Guide
Use Cases
Red Team Engagements: Use Field Manual attack prompts and Python framework for assessments
Training: Leverage Handbook for onboarding and team development
Client Work: Export PDFs for proposals and methodology documents
Roadmap
Planned:
- Sample RAG and LLM test environments
- Additional attack case studies
- Extended multimodal AI coverage
Contributions welcome via issues and PRs.
License
Licensed under CC BY-SA 4.0. See LICENSE for details.
Disclaimer
⚠️ For authorized security testing only.
Ensure:
- Written authorization (SOW/RoE) is in place
- Compliance with applicable laws and regulations
- No unauthorized testing on production systems
The authors accept no liability for unauthorized use.