Matteo Meucci
140f236dd4
Update headings and improve test documentation
2025-11-02 18:05:53 +01:00
Matteo Meucci
6411868698
Revise section headers for testing document
Updated section headers to improve clarity and consistency in the testing document.
2025-11-02 17:47:23 +01:00
Matteo Meucci
9d01b136f8
Revise expected output for model extraction tests
Updated expected output criteria for model extraction testing, clarifying fidelity levels and defensive mechanisms.
2025-11-02 17:46:43 +01:00
Matteo Meucci
f36d16964d
Enhance model extraction testing documentation
Expanded testing documentation for model extraction attacks, including detailed payloads, prerequisites, and step-by-step instructions for data acquisition, surrogate model training, and evaluation.
2025-11-02 17:45:12 +01:00
Matteo Meucci
8e55e6238d
Enhance embedding manipulation testing documentation
Expanded testing scenarios for embedding manipulation, including payloads and expected secure behaviors.
2025-11-02 17:28:41 +01:00
Matteo Meucci
ae07885a80
Enhance documentation on embedding manipulation testing
Expanded the section on embedding manipulation to include detailed explanations of vulnerabilities, attack vectors, and testing objectives. Updated suggested tools for testing embedding robustness.
2025-11-02 17:23:25 +01:00
Matteo Meucci
d34c7d8e42
Update README.md
2025-10-30 18:07:24 +01:00
Matteo Meucci
ad9fa99f1e
Fix links in README for AI Testing sections
2025-10-30 18:04:12 +01:00
Matteo Meucci
eb899ebe44
Update table of contents in README.md
2025-10-30 18:03:02 +01:00
Matteo Meucci
736763ea47
Add AI Testing Guide objectives and methodology
This guide aims to provide a structured framework for assessing AI systems' security, targeting various roles involved in AI security and compliance. It outlines a methodology for threat modeling, mapping, and testing specific to AI applications.
2025-10-30 18:02:46 +01:00
Matteo Meucci
4c3dbfbfa1
Moved Document/content/1.1_Principles_of_AI_Testing.md
2025-10-30 18:01:41 +01:00
Matteo Meucci
64059cf00f
Add OWASP AI Testing principles and lifecycle phases
This document outlines the principles of OWASP AI Testing, detailing four macro domains: Security, Privacy, Responsible AI, and Trustworthy AI Systems. It also describes the phases of the AI system lifecycle and the importance of integrating testing throughout.
2025-10-30 18:01:13 +01:00
Matteo Meucci
d4573ce6cb
Moved
2025-10-30 17:59:15 +01:00
Matteo Meucci
f522948dfd
Add OWASP AI Testing Guide and contributor list
Introduced the OWASP AI Testing Guide, outlining its purpose, methodology, and contributors.
2025-10-30 17:57:48 +01:00
Matteo Meucci
5baed52ca3
Fix link to AI Application Testing section
2025-10-30 17:53:07 +01:00
Matteo Meucci
c99d2969f3
Refine testing documentation for prompt disclosure
Updated sections for clarity and consistency, including test objectives, expected outputs, and suggested tools.
2025-10-30 17:38:58 +01:00
Matteo Meucci
d2b2f3b057
Refine content and headings for agentic behavior testing
Updated section headings for consistency and clarity. Revised text for better readability and precision regarding agentic behavior testing.
2025-10-30 17:22:31 +01:00
Matteo Meucci
88f15ccb7d
Revise section titles for clarity in testing guidelines
Updated section titles and clarified testing instructions for unsafe outputs.
2025-10-30 17:18:32 +01:00
Matteo Meucci
8bd00636cd
Revise section titles in input leakage testing doc
Updated section titles for clarity in testing documentation.
2025-10-30 17:08:58 +01:00
Matteo Meucci
dac1a442f4
Revise test documentation for sensitive data leakage
Updated sections for clarity and consistency in testing documentation.
2025-10-30 17:05:34 +01:00
Matteo Meucci
1ca047f15a
Update testing document for indirect prompt injection
2025-10-30 17:03:10 +01:00
Matteo Meucci
8a6445b6ae
Update testing document for prompt injection techniques
2025-10-30 17:01:39 +01:00
Matteo Meucci
8c9ed7d5ce
Merge pull request #51 from federicodotta/main
2025-10-28 10:46:26 +01:00
Federico Dotta
76ffd748ba
+ Tools vulnerabilities
2025-10-28 09:44:46 +01:00
Federico Dotta
e6cc4ffb64
+ MCP indirect prompt injection
2025-10-28 09:44:33 +01:00
Matteo Meucci
7027f0bbca
Merge pull request #50 from mmorana1/patch-22
2025-10-22 21:34:16 +02:00
Marco Morana
9a9fa8448c
Update 2.2_Appendix_E.md
Revised the threat-to-CWE mapping, rationale, and recommendations for consistency
2025-10-22 15:25:50 -04:00
Matteo Meucci
53ac4d6797
Merge pull request #49 from mmorana1/patch-21
2025-10-22 08:47:27 +02:00
Marco Morana
b99c7d9aa2
Update 2.2_Appendix_E.md
Cosmetic changes for reading clarity
2025-10-21 19:33:15 -04:00
Matteo Meucci
24bbc66504
Update 00_Preface and Contributors.md
2025-10-21 19:36:35 +02:00
Matteo Meucci
fde06dbc4f
Merge pull request #48 from mmorana1/patch-20
Update 2.2_Appendix_E.md
2025-10-21 19:16:13 +02:00
Marco Morana
7de813ef92
Update 2.2_Appendix_E.md
It is really 3 steps, so revised again.
2025-10-21 13:13:32 -04:00
Matteo Meucci
f352d33b76
Merge pull request #47 from mmorana1/patch-19
2025-10-21 18:22:52 +02:00
Marco Morana
47b241cb29
Update 2.2_Appendix_E.md
Added more clarity on how the mapping from the threat to the SAIF component, to the test, and to that component's vulnerabilities (CVEs and CWEs) makes the penetration testing report more concrete and action-oriented, facilitating the formulation of effective remediation recommendations.
2025-10-21 12:21:10 -04:00
Matteo Meucci
c9438a0f81
Update title formatting in preface document
2025-10-21 17:20:42 +02:00
Matteo Meucci
d9f4df44b1
Add preface and contributors section for AITG
This document serves as the preface and contributor acknowledgment for the OWASP AI Testing Guide, outlining the purpose, methodology, and contributors involved in the project.
2025-10-21 16:51:11 +02:00
Matteo Meucci
edcac8cc7b
Merge pull request #44 from NeuralTrust/add-echo-chamber-blog
Add reference link for Echo Chamber Attack technique
2025-10-16 19:50:25 +02:00
marti-jorda-roca
6a81e0318c
Add reference to Echo Chamber attack blog
2025-10-16 17:21:47 +02:00
Matteo Meucci
5e48c84e13
Merge pull request #43 from mmorana1/patch-16
Update 2.2_Appendix_E.md
2025-10-16 15:05:29 +02:00
Marco Morana
f81590039d
Update 2.2_Appendix_E.md
Reorganized more organically with titles etc
2025-10-16 08:54:50 -04:00
Matteo Meucci
3be20eaa24
Merge pull request #42 from mmorana1/patch-15
Update README.md
2025-10-16 14:18:39 +02:00
Marco Morana
ab21d1f5e7
Update README.md
Changed the titles for Appendix sections to make it clear what the appendix cover and better selection from TOC
2025-10-16 08:14:56 -04:00
Matteo Meucci
8b39b5e22d
Merge pull request #41 from mmorana1/patch-14
Update 2.2_Appendix_E.md
2025-10-15 20:01:10 +02:00
Marco Morana
d8703cb1d0
Update 2.2_Appendix_E.md
Should be the last correction. I hope.
2025-10-15 13:57:41 -04:00
Matteo Meucci
e007cb0266
Merge pull request #40 from mmorana1/patch-13
Update 2.2_Appendix_E.md
2025-10-15 19:13:31 +02:00
Marco Morana
29fd475e68
Update 2.2_Appendix_E.md
Added more clarity to the CVE to SAIF and AI threats with an example
2025-10-15 12:35:24 -04:00
Matteo Meucci
3062449279
Merge pull request #39 from mmorana1/patch-12
Update 2.2_Appendix_E.md
2025-10-15 16:53:04 +02:00
Marco Morana
74cf81b771
Update 2.2_Appendix_E.md
Revised the content to clarify and make it more actionable for pen testers
2025-10-15 10:24:30 -04:00
Matteo Meucci
81c45eb9ae
Merge pull request #38 from mmorana1/patch-11
2025-10-15 07:43:28 +02:00
Marco Morana
ce42b98b9e
Create 2.2_Appendix_E.md
2025-10-14 17:57:46 -04:00