Commit Graph

170 Commits

Author SHA1 Message Date
Matteo Meucci
4fd6fa2000 Update AITG-APP-13_Testing_for_Over-Reliance_on_AI.md 2025-11-02 18:17:00 +01:00
Matteo Meucci
4aef9d8a69 Revise testing document for toxic output
Updated the structure and content of the testing document to improve clarity and organization, including renaming sections and enhancing remediation strategies.
2025-11-02 18:13:23 +01:00
Matteo Meucci
9c1c965948 Change headers from H3 to H2 and H4 to H3
Updated header levels for better document structure.
2025-11-02 18:06:23 +01:00
Matteo Meucci
140f236dd4 Update headings and improve test documentation 2025-11-02 18:05:53 +01:00
Matteo Meucci
6411868698 Revise section headers for testing document
Updated section headers to improve clarity and consistency in the testing document.
2025-11-02 17:47:23 +01:00
Matteo Meucci
9d01b136f8 Revise expected output for model extraction tests
Updated expected output criteria for model extraction testing, clarifying fidelity levels and defensive mechanisms.
2025-11-02 17:46:43 +01:00
Matteo Meucci
f36d16964d Enhance model extraction testing documentation
Expanded testing documentation for model extraction attacks, including detailed payloads, prerequisites, and step-by-step instructions for data acquisition, surrogate model training, and evaluation.
2025-11-02 17:45:12 +01:00
Matteo Meucci
8e55e6238d Enhance embedding manipulation testing documentation
Expanded testing scenarios for embedding manipulation, including payloads and expected secure behaviors.
2025-11-02 17:28:41 +01:00
Matteo Meucci
ae07885a80 Enhance documentation on embedding manipulation testing
Expanded the section on embedding manipulation to include detailed explanations of vulnerabilities, attack vectors, and testing objectives. Updated suggested tools for testing embedding robustness.
2025-11-02 17:23:25 +01:00
Matteo Meucci
d34c7d8e42 Update README.md 2025-10-30 18:07:24 +01:00
Matteo Meucci
ad9fa99f1e Fix links in README for AI Testing sections 2025-10-30 18:04:12 +01:00
Matteo Meucci
eb899ebe44 Update table of contents in README.md 2025-10-30 18:03:02 +01:00
Matteo Meucci
736763ea47 Add AI Testing Guide objectives and methodology
This guide aims to provide a structured framework for assessing AI systems' security, targeting various roles involved in AI security and compliance. It outlines a methodology for threat modeling, mapping, and testing specific to AI applications.
2025-10-30 18:02:46 +01:00
Matteo Meucci
4c3dbfbfa1 Moved Document/content/1.1_Principles_of_AI_Testing.md 2025-10-30 18:01:41 +01:00
Matteo Meucci
64059cf00f Add OWASP AI Testing principles and lifecycle phases
This document outlines the principles of OWASP AI Testing, detailing four macro domains: Security, Privacy, Responsible AI, and Trustworthy AI Systems. It also describes the phases of the AI system lifecycle and the importance of integrating testing throughout.
2025-10-30 18:01:13 +01:00
Matteo Meucci
d4573ce6cb Moved 2025-10-30 17:59:15 +01:00
Matteo Meucci
f522948dfd Add OWASP AI Testing Guide and contributor list
Introduced the OWASP AI Testing Guide, outlining its purpose, methodology, and contributors.
2025-10-30 17:57:48 +01:00
Matteo Meucci
5baed52ca3 Fix link to AI Application Testing section 2025-10-30 17:53:07 +01:00
Matteo Meucci
c99d2969f3 Refine testing documentation for prompt disclosure
Updated sections for clarity and consistency, including test objectives, expected outputs, and suggested tools.
2025-10-30 17:38:58 +01:00
Matteo Meucci
d2b2f3b057 Refine content and headings for agentic behavior testing
Updated section headings for consistency and clarity. Revised text for better readability and precision regarding agentic behavior testing.
2025-10-30 17:22:31 +01:00
Matteo Meucci
88f15ccb7d Revise section titles for clarity in testing guidelines
Updated section titles and clarified testing instructions for unsafe outputs.
2025-10-30 17:18:32 +01:00
Matteo Meucci
8bd00636cd Revise section titles in input leakage testing doc
Updated section titles for clarity in testing documentation.
2025-10-30 17:08:58 +01:00
Matteo Meucci
dac1a442f4 Revise test documentation for sensitive data leakage
Updated sections for clarity and consistency in testing documentation.
2025-10-30 17:05:34 +01:00
Matteo Meucci
1ca047f15a Update testing document for indirect prompt injection 2025-10-30 17:03:10 +01:00
Matteo Meucci
8a6445b6ae Update testing document for prompt injection techniques 2025-10-30 17:01:39 +01:00
Federico Dotta
76ffd748ba + Tools vulnerabilities 2025-10-28 09:44:46 +01:00
Federico Dotta
e6cc4ffb64 + MCP indirect prompt injection 2025-10-28 09:44:33 +01:00
Marco Morana
9a9fa8448c Update 2.2_Appendix_E.md
Revised the threat-to-CWE mapping, rationale, and recommendations for consistency
2025-10-22 15:25:50 -04:00
Marco Morana
b99c7d9aa2 Update 2.2_Appendix_E.md
Cosmetic changes for readability
2025-10-21 19:33:15 -04:00
Matteo Meucci
24bbc66504 Update 00_Preface and Contributors.md 2025-10-21 19:36:35 +02:00
Marco Morana
7de813ef92 Update 2.2_Appendix_E.md
It is really 3 steps, so revised again
2025-10-21 13:13:32 -04:00
Marco Morana
47b241cb29 Update 2.2_Appendix_E.md
Added more clarity on how mapping from the threat to the SAIF component, to the test, and to that component's vulnerabilities (CVEs and CWEs) makes the penetration testing report more concrete and action-oriented, facilitating the formulation of effective remediation recommendations.
2025-10-21 12:21:10 -04:00
Matteo Meucci
c9438a0f81 Update title formatting in preface document 2025-10-21 17:20:42 +02:00
Matteo Meucci
d9f4df44b1 Add preface and contributors section for AITG
This document serves as the preface and contributor acknowledgment for the OWASP AI Testing Guide, outlining the purpose, methodology, and contributors involved in the project.
2025-10-21 16:51:11 +02:00
marti-jorda-roca
6a81e0318c Add reference to Echo Chamber attack blog 2025-10-16 17:21:47 +02:00
Marco Morana
f81590039d Update 2.2_Appendix_E.md
Reorganized more organically with titles etc
2025-10-16 08:54:50 -04:00
Marco Morana
ab21d1f5e7 Update README.md
Changed the titles for Appendix sections to make it clear what the appendix covers and to allow better selection from the TOC
2025-10-16 08:14:56 -04:00
Marco Morana
d8703cb1d0 Update 2.2_Appendix_E.md
Should be the last correction. I hope
2025-10-15 13:57:41 -04:00
Marco Morana
29fd475e68 Update 2.2_Appendix_E.md
Added more clarity to the CVE to SAIF and AI threats with an example
2025-10-15 12:35:24 -04:00
Marco Morana
74cf81b771 Update 2.2_Appendix_E.md
Revised the content to clarify and make it more actionable for pen testers
2025-10-15 10:24:30 -04:00
Marco Morana
ce42b98b9e Create 2.2_Appendix_E.md 2025-10-14 17:57:46 -04:00
Marco Morana
1756c276ba Update README.md
Add link to content appendix E
2025-10-14 16:40:08 -04:00
Matteo Meucci
aaffd7e14c Merge pull request #27 from DotDotSlashRepo/main
Enhancements to testcases
2025-10-10 10:40:18 +02:00
Matteo Meucci
c0c38b582e Merge pull request #32 from zangobot/main
Include more testing tools, by dividing them between general-purpose or domain-specific
2025-09-09 16:37:06 +02:00
Luca Demetrio
0749eeda55 Update AITG-MOD-01_Testing_for_Evasion_Attacks.md
Removed typo
2025-09-02 11:21:23 +02:00
Roei Arpaly
4182d8f869 Update AITG-APP-04_Testing_for_Input_Leakage.md
Co-authored-by: Yoni Birman <birmanbirman@gmail.com>
2025-08-31 23:13:40 +03:00
Roei Arpaly
296224d780 Update AITG-APP-04_Testing_for_Input_Leakage.md
adding adversarial input test cases
2025-08-13 11:46:54 +03:00
maurapintor
0ed6bb99ad added secml-torch and adv-lib, updated description of deepsec 2025-08-08 10:16:15 +02:00
Luca Demetrio
be0385d8cf Update AITG-MOD-01_Testing_for_Evasion_Attacks.md
Update AI security testing tools by adding difference between general-purpose and domain-specific libraries
2025-08-08 09:57:15 +02:00
DotDotSlash
3bd5536fbd Update AITG-APP-05_Testing_for_Unsafe_Outputs.md
fixed a typo
2025-08-05 16:24:06 +05:30