2025-11-30 12:54:41 +01:00
2025-11-27 09:46:15 +01:00
2025-11-30 12:54:41 +01:00
2025-11-27 09:46:15 +01:00
2025-11-30 12:54:41 +01:00

AI / LLM Red Team Field Manual & Consultant's Handbook

Repository Banner

License Python Contributions Welcome Last Updated

A complete operational toolkit for conducting AI/LLM red team assessments on Large Language Models, AI agents, RAG pipelines, and AI-enabled applications.


Quick Start

# Clone the repository
git clone https://github.com/shiva108/ai-llm-red-team-handbook.git
cd ai-llm-red-team-handbook

# Manual testing: Open docs/AI_LLM Red Team Field Manual.md

# Automated testing:
cd scripts
pip install -r requirements.txt
python runner.py --config config.py

📖 Detailed setup: See Configuration Guide


Repository Contents

Resource Description
Field Manual Compact operational reference with attack prompts, tooling, OWASP/MITRE mappings
Handbook Full consultancy guide with methodology, threat modeling, RoE/SOW templates
Building AI Red Teams Strategic guide for building security teams
Report Template Client-ready assessment report template
Python Framework Automated testing suite for prompt injection, jailbreaks, data leakage, tool misuse

Prerequisites

Manual Testing: Any text editor + target LLM access

Automated Testing:

  • Python 3.8+
  • Dependencies: requests, pytest, pydantic, python-dotenv
  • API credentials for target LLM

Python Testing Framework

Test Suites

  • test_prompt_injection.py - Automated prompt injection attacks
  • test_safety_bypass.py - Jailbreak and guardrail bypass tests
  • test_data_exposure.py - Data leakage and PII extraction
  • test_tool_misuse.py - Function-calling and plugin abuse
  • test_fuzzing.py - Adversarial input fuzzing
  • test_integrity.py - Model integrity and consistency

Configuration

Create scripts/.env:

API_ENDPOINT=https://api.example.com/v1/chat/completions
API_KEY=your-secret-api-key
MODEL_NAME=gpt-4

Run tests:

python runner.py                           # All tests
python runner.py --test prompt_injection   # Specific test
python runner.py --verbose                 # Verbose output

📖 Full configuration options: Configuration Guide


Use Cases

Red Team Engagements: Use Field Manual attack prompts and Python framework for assessments

Training: Leverage Handbook for onboarding and team development

Client Work: Export PDFs for proposals and methodology documents


Roadmap

Planned:

  • Sample RAG and LLM test environments
  • Additional attack case studies
  • Extended multimodal AI coverage

Contributions welcome via issues and PRs.


License

Licensed under CC BY-SA 4.0. See LICENSE for details.


Disclaimer

⚠️ For authorized security testing only.

Ensure:

  • Written authorization (SOW/RoE) is in place
  • Compliance with applicable laws and regulations
  • No unauthorized testing on production systems

The authors accept no liability for unauthorized use.

S
Description
No description provided
Readme 247 MiB
Languages
Python 96%
Shell 3.8%
Dockerfile 0.2%