e32fd15c4a
Remove Testing Limitations and Requirements section
...
Removed 'Testing Limitations and Requirements' section from the README.
2025-11-05 19:03:57 +01:00
dc53b5d478
Delete Document/content/3.0_Testing_Limitations_and_Requirements.md
2025-11-05 19:03:37 +01:00
ded151e598
Update 3.0_OWASP_AI_Testing_Guide_Framework.md
2025-11-05 19:03:10 +01:00
b3313ad11b
Clean up Testing Limitations document
...
Removed unnecessary whitespace and next section references.
2025-11-05 19:02:15 +01:00
eb17b24ed3
Fix section numbering in README.md
2025-11-05 18:53:26 +01:00
cf46c10aa3
Update section numbering in README.md
2025-11-05 18:05:19 +01:00
b5b74f045b
Merge pull request #45 from nhumblot/prompt-injection-structured-output-attack
...
feat: add structured output attack example with source
2025-11-05 14:51:04 +01:00
52dd155251
Rename document for prompt disclosure testing
...
Updated the title of the testing document to reflect prompt disclosure.
2025-11-02 18:57:11 +01:00
04ba8c5b43
Revise AITG-DAT-01 document for clarity and structure
...
Updated the document to improve structure and clarity, including sections on testing methodology, expected outputs, remediation strategies, and suggested tools.
2025-11-02 18:55:56 +01:00
b496d11a8b
Revise testing document for explainability and interpretability
...
Updated the document to enhance clarity and detail in the explanation of testing for explainability and interpretability in AI systems. Added specific objectives, expected outputs, remediation strategies, and suggested tools.
2025-11-02 18:22:29 +01:00
4fd6fa2000
Update AITG-APP-13_Testing_for_Over-Reliance_on_AI.md
2025-11-02 18:17:00 +01:00
4aef9d8a69
Revise testing document for toxic output
...
Updated the structure and content of the testing document to improve clarity and organization, including renaming sections and enhancing remediation strategies.
2025-11-02 18:13:23 +01:00
9c1c965948
Change headers from H3 to H2 and H4 to H3
...
Updated header levels for better document structure.
2025-11-02 18:06:23 +01:00
140f236dd4
Update headings and improve test documentation
2025-11-02 18:05:53 +01:00
6411868698
Revise section headers for testing document
...
Updated section headers to improve clarity and consistency in the testing document.
2025-11-02 17:47:23 +01:00
9d01b136f8
Revise expected output for model extraction tests
...
Updated expected output criteria for model extraction testing, clarifying fidelity levels and defensive mechanisms.
2025-11-02 17:46:43 +01:00
f36d16964d
Enhance model extraction testing documentation
...
Expanded testing documentation for model extraction attacks, including detailed payloads, prerequisites, and step-by-step instructions for data acquisition, surrogate model training, and evaluation.
2025-11-02 17:45:12 +01:00
8e55e6238d
Enhance embedding manipulation testing documentation
...
Expanded testing scenarios for embedding manipulation, including payloads and expected secure behaviors.
2025-11-02 17:28:41 +01:00
ae07885a80
Enhance documentation on embedding manipulation testing
...
Expanded the section on embedding manipulation to include detailed explanations of vulnerabilities, attack vectors, and testing objectives. Updated suggested tools for testing embedding robustness.
2025-11-02 17:23:25 +01:00
d34c7d8e42
Update README.md
2025-10-30 18:07:24 +01:00
ad9fa99f1e
Fix links in README for AI Testing sections
2025-10-30 18:04:12 +01:00
eb899ebe44
Update table of contents in README.md
2025-10-30 18:03:02 +01:00
736763ea47
Add AI Testing Guide objectives and methodology
...
This guide aims to provide a structured framework for assessing AI systems' security, targeting various roles involved in AI security and compliance. It outlines a methodology for threat modeling, mapping, and testing specific to AI applications.
2025-10-30 18:02:46 +01:00
4c3dbfbfa1
Moved Document/content/1.1_Principles_of_AI_Testing.md
2025-10-30 18:01:41 +01:00
64059cf00f
Add OWASP AI Testing principles and lifecycle phases
...
This document outlines the principles of OWASP AI Testing, detailing four macro domains: Security, Privacy, Responsible AI, and Trustworthy AI Systems. It also describes the phases of the AI system lifecycle and the importance of integrating testing throughout.
2025-10-30 18:01:13 +01:00
d4573ce6cb
Moved
2025-10-30 17:59:15 +01:00
f522948dfd
Add OWASP AI Testing Guide and contributor list
...
Introduced the OWASP AI Testing Guide, outlining its purpose, methodology, and contributors.
2025-10-30 17:57:48 +01:00
5baed52ca3
Fix link to AI Application Testing section
2025-10-30 17:53:07 +01:00
c99d2969f3
Refine testing documentation for prompt disclosure
...
Updated sections for clarity and consistency, including test objectives, expected outputs, and suggested tools.
2025-10-30 17:38:58 +01:00
d2b2f3b057
Refine content and headings for agentic behavior testing
...
Updated section headings for consistency and clarity. Revised text for better readability and precision regarding agentic behavior testing.
2025-10-30 17:22:31 +01:00
88f15ccb7d
Revise section titles for clarity in testing guidelines
...
Updated section titles and clarified testing instructions for unsafe outputs.
2025-10-30 17:18:32 +01:00
8bd00636cd
Revise section titles in input leakage testing doc
...
Updated section titles for clarity in testing documentation.
2025-10-30 17:08:58 +01:00
dac1a442f4
Revise test documentation for sensitive data leakage
...
Updated sections for clarity and consistency in testing documentation.
2025-10-30 17:05:34 +01:00
1ca047f15a
Update testing document for indirect prompt injection
2025-10-30 17:03:10 +01:00
8a6445b6ae
Update testing document for prompt injection techniques
2025-10-30 17:01:39 +01:00
76ffd748ba
+ Tools vulnerabilities
2025-10-28 09:44:46 +01:00
e6cc4ffb64
+ MCP indirect prompt injection
2025-10-28 09:44:33 +01:00
9a9fa8448c
Update 2.2_Appendix_E.md
...
Riveduto il mapping threats CWE, rattionale, reccomendations per consisenza
2025-10-22 15:25:50 -04:00
b99c7d9aa2
Update 2.2_Appendix_E.md
...
Cambi cosmetici per chiarezza nella lettura
2025-10-21 19:33:15 -04:00
24bbc66504
Update 00_Preface and Contributors.md
2025-10-21 19:36:35 +02:00
7de813ef92
Update 2.2_Appendix_E.md
...
It is really 3 steps.. so revised again
2025-10-21 13:13:32 -04:00
47b241cb29
Update 2.2_Appendix_E.md
...
aggiunta maggiore chiarezza su come la mappatura dalla minaccia al componente SAIF, al test e alle vulnerabilità (CVEs e CWEs) di quel componente renda il report di penetration testing più concreto e orientato all’azione, facilitando la formulazione di raccomandazioni di correzione efficaci.
2025-10-21 12:21:10 -04:00
c9438a0f81
Update title formatting in preface document
2025-10-21 17:20:42 +02:00
d9f4df44b1
Add preface and contributors section for AITG
...
This document serves as the preface and contributor acknowledgment for the OWASP AI Testing Guide, outlining the purpose, methodology, and contributors involved in the project.
2025-10-21 16:51:11 +02:00
e637aa06f2
feat: add structured output attack example with source
2025-10-17 11:50:27 +02:00
6a81e0318c
Add reference to Echo Chamber attack blog
2025-10-16 17:21:47 +02:00
f81590039d
Update 2.2_Appendix_E.md
...
Reorganized more organically with titles etc
2025-10-16 08:54:50 -04:00
ab21d1f5e7
Update README.md
...
Changed the titles for Appendix sections to make it clear what the appendix cover and better selection from TOC
2025-10-16 08:14:56 -04:00
d8703cb1d0
Update 2.2_Appendix_E.md
...
Should be the last. correction. I hope
2025-10-15 13:57:41 -04:00
29fd475e68
Update 2.2_Appendix_E.md
...
Added more clarity to the CVE to SAIF and AI threats with an example
2025-10-15 12:35:24 -04:00
Matteo Meucci