CalvinBackup/www-project-ai-testing-guide
1
0
Fork 0
mirror of https://github.com/OWASP/www-project-ai-testing-guide.git synced 2026-03-20 17:23:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
215 Commits 2 Branches 0 Tags
e007cb0266d8efac2a67efe24d8bb3e5a35de9b3
Commit Graph

215 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matteo Meucci
e007cb0266 Merge pull request #40 from mmorana1/patch-13 
Update 2.2_Appendix_E.md
 2025-10-15 19:13:31 +02:00
Marco Morana
29fd475e68 Update 2.2_Appendix_E.md 
Added more clarity to the CVE to SAIF and AI threats with an example
 2025-10-15 12:35:24 -04:00
Matteo Meucci
3062449279 Merge pull request #39 from mmorana1/patch-12 
Update 2.2_Appendix_E.md
 2025-10-15 16:53:04 +02:00
Marco Morana
74cf81b771 Update 2.2_Appendix_E.md 
Revised the content to clarify and make it more actionable for pen testers
 2025-10-15 10:24:30 -04:00
Matteo Meucci
81c45eb9ae Merge pull request #38 from mmorana1/patch-11 2025-10-15 07:43:28 +02:00
Marco Morana
ce42b98b9e Create 2.2_Appendix_E.md 2025-10-14 17:57:46 -04:00
Matteo Meucci
f8b4203f9d Merge pull request #37 from mmorana1/patch-10 2025-10-14 23:16:19 +02:00
Marco Morana
1756c276ba Update README.md 
Add link to content appendix E
 2025-10-14 16:40:08 -04:00
Matteo Meucci
aaffd7e14c Merge pull request #27 from DotDotSlashRepo/main 
Enhancements to testcases
 2025-10-10 10:40:18 +02:00
Matteo Meucci
bddb9d58bb Merge pull request #35 from nhumblot/bring-back-slack 2025-10-04 14:59:07 +02:00
Nicolas Humblot
094d715dff fixup! fix: bring Slack link 2025-10-04 14:40:36 +02:00
Nicolas Humblot
23a475306d fix: bring Slack link 2025-10-04 14:35:03 +02:00
Matteo Meucci
8ca678c781 Merge pull request #33 from OWASP/nest/owasp-ai-testing-guide-metadata 
Add OWASP AI Testing Guide metadata
 2025-10-03 10:23:37 +02:00
Matteo Meucci
c920ad7f7f Merge pull request #34 from nhumblot/fill-info 
Filling GitHub and LinkedIn in OWASP project information page
 2025-10-03 10:21:38 +02:00
Matteo Meucci
31bfb726d7 Merge branch 'main' into fill-info 2025-10-03 10:21:28 +02:00
Matteo Meucci
918b8898e1 Update info.md 2025-10-03 10:15:56 +02:00
Nicolas Humblot
53c8e80713 build: add newline add end of file 2025-10-03 08:34:59 +02:00
Nicolas Humblot
685303dcfb build: fill LinkedIn link 2025-10-03 08:22:42 +02:00
Nicolas Humblot
007140d5a6 build: add repository link 2025-10-03 08:20:03 +02:00
Nicolas Humblot
e827e3f9fc build: ignore IntelliJ Idea IDE folder 2025-10-03 08:19:11 +02:00
owasp-nest[bot]
09c60b3cec Add OWASP AI Testing Guide metadata 
Generated on 2025-10-02 by Arkadii Yakovets as part of the OWASP Schema initiative within OWASP Nest.
Repository: `OWASP/www-project-ai-testing-guide`

Co-authored-by: Arkadii Yakovets <arkadii.yakovets@owasp.org>
 2025-10-02 01:58:35 +00:00
Matteo Meucci
c0c38b582e Merge pull request #32 from zangobot/main 
Include more testing tools, by dividing them between general-purpouse or domain-specific
 2025-09-09 16:37:06 +02:00
Luca Demetrio
0749eeda55 Update AITG-MOD-01_Testing_for_Evasion_Attacks.md 
Removed typo
 2025-09-02 11:21:23 +02:00
Matteo Meucci
5268eff3ae Merge pull request #31 from RoeiArpaly/main 
Update AITG-APP-04_Testing_for_Input_Leakage.md
 2025-09-01 09:43:06 +02:00
Roei Arpaly
4182d8f869 Update AITG-APP-04_Testing_for_Input_Leakage.md 
Co-authored-by: Yoni Birman <birmanbirman@gmail.com>
 2025-08-31 23:13:40 +03:00
Matteo Meucci
ddd1d12544 Merge pull request #29 from RoeiArpaly/main 
Update AITG-APP-04_Testing_for_Input_Leakage.md
 2025-08-13 10:53:21 +02:00
Roei Arpaly
296224d780 Update AITG-APP-04_Testing_for_Input_Leakage.md 
adding adversarial input test cases
 2025-08-13 11:46:54 +03:00
maurapintor
0ed6bb99ad added secml-torch and adv-lib, updated description of deepsec 2025-08-08 10:16:15 +02:00
Luca Demetrio
be0385d8cf Update AITG-MOD-01_Testing_for_Evasion_Attacks.md 
Update AI security testing tools by adding difference between general-purpose and domain-specific libraries
 2025-08-08 09:57:15 +02:00
DotDotSlash
3bd5536fbd Update AITG-APP-05_Testing_for_Unsafe_Outputs.md 
fixed a typo
 2025-08-05 16:24:06 +05:30
DotDotSlash
e5e95445cb Update AITG-APP-01_Testing_for_Prompt_Injection.md 
added more examples of filter bypass while attempting to extract sensitive information
 2025-08-05 16:21:26 +05:30
DotDotSlash
22eaecdd59 Update AITG-APP-03_Testing_for_Sensitive_Data_Leak.md 
Added additional prompts on testing for implementation details leak
 2025-08-05 15:56:08 +05:30
Matteo Meucci
2399f8293b Merge pull request #26 from fedric95/main 
Hallucination - "Debunking" vs "Factuality and Misinformation"
 2025-08-04 10:18:41 +02:00
Federico Ricciuti
befe2755c7 Introduced Debunking tests and a differentiation between "Factuality and Misinformation" and "Debunking" hallucinations. As described by Giskard in the Phrase benchmark. 2025-08-03 14:34:38 +02:00
Matteo Meucci
066bfaa2dd Merge pull request #25 from fedric95/main 2025-07-26 00:17:36 +04:00
fedric95
d27026fda7 Merge branch 'OWASP:main' into main 2025-07-25 20:30:56 +02:00
Federico Ricciuti
0dd87354da 1. Specified that temperature=0 does not imply reproducibility (https://arxiv.org/pdf/2506.09501) 
2. Pointed out that LLMs are generally less secure in low-resource languages
3. Made some order on the payloads for the bias test, now it using always the same base example.
 2025-07-25 20:26:32 +02:00
Matteo Meucci
124c92f538 Merge pull request #24 from federicodotta/main 2025-07-25 14:55:11 +04:00
federicodotta
897c532bba + Planning instructions to avoid issues with token consumption 2025-07-25 12:18:11 +02:00
Matteo Meucci
dfee7656c2 Merge pull request #23 from fedric95/main 2025-07-17 18:26:58 +04:00
Federico Ricciuti
9da16a16c1 Correction of the readme to refer to the correct changed test 2025-07-17 15:22:07 +02:00
Federico Ricciuti
977235af4d Introduction of the AITG-APP-10_Testing_for_Content_Bias.md, with tests to detect biased decisions made by the AI System. 2025-07-17 15:16:22 +02:00
Federico Ricciuti
49ee4b9d6c The unsafe output test now includes hate releated unsafe content as part of the tests. 
AITG-APP-10_Testing_for_Harmful_Content_Bias.md replaced with AITG-APP-10_Testing_for_Content_Bias.md, and now it focuses on the detection of biases contened in the generated outputs.
 2025-07-17 15:14:33 +02:00
Matteo Meucci
11e22f40cd Merge pull request #22 from federicodotta/main 2025-07-14 11:09:32 +04:00
federicodotta
82b7a18ef4 README updated 2025-07-14 08:19:58 +02:00
Matteo Meucci
db71d7c1a4 Merge pull request #21 from federicodotta/main 2025-07-13 13:52:59 +04:00
federicodotta
2b16a5c5f3 + Testing Limitations and Requirements 2025-07-13 11:21:09 +02:00
Matteo Meucci
71b4f26900 Merge pull request #20 from fedric95/main 2025-07-12 21:30:58 +04:00
Federico Ricciuti
198167aebe - Introduced the necessity of defining a safety taxonomy before conducting the tests: the definition of what is safe and what is unsafe depends on the application. 
- Linked an existing safety taxonomy
- Added examples of moderation models
- Removed most of the references to the concept of bias. They should be addressed in another test.

TO-DO

- Include tests that consider the potential multimodal nature of the application (right now it is more text-only)
- Make a specific test to evaluate the biases of the AI application under test and remove all the references to biases in this test
 2025-07-12 19:12:00 +02:00
Matteo Meucci
f4a5804a70 Merge pull request #19 from federicodotta/main 2025-07-12 16:42:53 +04:00