CalvinBackup/www-project-ai-testing-guide
1
0
Fork 0
mirror of https://github.com/OWASP/www-project-ai-testing-guide.git synced 2026-03-01 13:53:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
346 Commits 2 Branches 0 Tags
eeaa84828dba35e8d052d99d25ff43c67b5d520e
Commit Graph

98 Commits

Author SHA1 Message Date
Matteo Meucci
22aaeb9b14 Enhance testing framework for embedding manipulation 
Expanded the testing framework for embedding manipulation vulnerabilities in RAG systems, detailing objectives, methodologies, and expected secure behaviors. Included real-world examples and remediation strategies.
 2025-11-13 16:31:18 +01:00
Matteo Meucci
a0f98c076c Update AITG-MOD-06_Testing_for_Robustness_to_New_Data.md 2025-11-06 14:59:33 +01:00
Matteo Meucci
efdf258449 Update AITG-MOD-07_Testing_for_Goal_Alignment.md 2025-11-06 14:58:38 +01:00
Matteo Meucci
899fd1f540 Update AITG-MOD-07_Testing_for_Goal_Alignment.md 2025-11-06 10:49:37 +01:00
Matteo Meucci
5af5386529 Update AITG-MOD-06_Testing_for_Robustness_to_New_Data.md 2025-11-06 10:47:44 +01:00
Matteo Meucci
19ad3643a3 Update AITG-MOD-05_Testing_for_Inversion_Attacks.md 2025-11-06 10:45:20 +01:00
Matteo Meucci
54067edfd7 Update AITG-MOD-04_Testing_for_Membership_Inference.md 2025-11-06 10:30:13 +01:00
Matteo Meucci
4424ce65e9 Update AITG-MOD-03_Testing_for_Poisoned_Training_Sets.md 2025-11-06 09:50:44 +01:00
Matteo Meucci
ba3f2c11bf Update AITG-MOD-02_Testing_for_Runtime_Model_Poisoning.md 2025-11-06 09:48:42 +01:00
Matteo Meucci
cf7df4e35c Update AITG-MOD-01_Testing_for_Evasion_Attacks.md 2025-11-06 09:46:41 +01:00
Matteo Meucci
5524bdbf6d Update AITG-INF-06_Testing_for_Dev-Time_Model_Theft.md 2025-11-06 09:44:53 +01:00
Matteo Meucci
c1895bef4a Update AITG-INF-05_Testing_for_Fine-tuning_Poisoning.md 2025-11-06 09:43:07 +01:00
Matteo Meucci
eb8f10ae03 Update AITG-INF-04_Testing_for_Capability_Misuse.md 2025-11-06 09:39:51 +01:00
Matteo Meucci
2d73463083 Update AITG-INF-03_Testing_for_Plugin_Boundary_Violations.md 2025-11-05 19:54:47 +01:00
Matteo Meucci
d46c835644 Update AITG-INF-02_Testing_for_Resource_Exhaustion.md 2025-11-05 19:52:36 +01:00
Matteo Meucci
334c79478d Update AITG-INF-01_Testing_for_Supply_Chain_Tampering.md 2025-11-05 19:50:04 +01:00
Matteo Meucci
9b9fd9160b Update AITG-DAT-02_Testing_for_Runtime_Exfiltration.md 2025-11-05 19:46:24 +01:00
Matteo Meucci
73c7fa8aa9 Update AITG-DAT-03_Testing_for_Dataset_Diversity_and_Coverage.md 2025-11-05 19:45:30 +01:00
Matteo Meucci
c44b46e4e9 Update AITG-DAT-04_Testing_for_Harmful_Content_in_Data.md 2025-11-05 19:44:47 +01:00
Matteo Meucci
ff6fc599b6 Update AITG-DAT-05_Testing_for_Data_Minimization_and_Consent.md 2025-11-05 19:43:55 +01:00
Matteo Meucci
bc94636d3e Update AITG-DAT-04_Testing_for_Harmful_Content_in_Data.md 2025-11-05 19:42:07 +01:00
Matteo Meucci
7d9fd59c63 Update AITG-DAT-03_Testing_for_Dataset_Diversity_and_Coverage.md 2025-11-05 19:41:07 +01:00
Matteo Meucci
b9ad6c997d Update AITG-DAT-02_Testing_for_Runtime_Exfiltration.md 2025-11-05 19:40:05 +01:00
Matteo Meucci
d19e9da901 Revise testing methodology for training data exposure 
Updated the testing methodology for training data exposure vulnerabilities in AI systems, detailing the setup and execution of tests for direct storage access and inference-based data extraction.
 2025-11-05 19:37:28 +01:00
Matteo Meucci
b5b74f045b Merge pull request #45 from nhumblot/prompt-injection-structured-output-attack 
feat: add structured output attack example with source
 2025-11-05 14:51:04 +01:00
Matteo Meucci
52dd155251 Rename document for prompt disclosure testing 
Updated the title of the testing document to reflect prompt disclosure.
 2025-11-02 18:57:11 +01:00
Matteo Meucci
04ba8c5b43 Revise AITG-DAT-01 document for clarity and structure 
Updated the document to improve structure and clarity, including sections on testing methodology, expected outputs, remediation strategies, and suggested tools.
 2025-11-02 18:55:56 +01:00
Matteo Meucci
b496d11a8b Revise testing document for explainability and interpretability 
Updated the document to enhance clarity and detail in the explanation of testing for explainability and interpretability in AI systems. Added specific objectives, expected outputs, remediation strategies, and suggested tools.
 2025-11-02 18:22:29 +01:00
Matteo Meucci
4fd6fa2000 Update AITG-APP-13_Testing_for_Over-Reliance_on_AI.md 2025-11-02 18:17:00 +01:00
Matteo Meucci
4aef9d8a69 Revise testing document for toxic output 
Updated the structure and content of the testing document to improve clarity and organization, including renaming sections and enhancing remediation strategies.
 2025-11-02 18:13:23 +01:00
Matteo Meucci
9c1c965948 Change headers from H3 to H2 and H4 to H3 
Updated header levels for better document structure.
 2025-11-02 18:06:23 +01:00
Matteo Meucci
140f236dd4 Update headings and improve test documentation 2025-11-02 18:05:53 +01:00
Matteo Meucci
6411868698 Revise section headers for testing document 
Updated section headers to improve clarity and consistency in the testing document.
 2025-11-02 17:47:23 +01:00
Matteo Meucci
9d01b136f8 Revise expected output for model extraction tests 
Updated expected output criteria for model extraction testing, clarifying fidelity levels and defensive mechanisms.
 2025-11-02 17:46:43 +01:00
Matteo Meucci
f36d16964d Enhance model extraction testing documentation 
Expanded testing documentation for model extraction attacks, including detailed payloads, prerequisites, and step-by-step instructions for data acquisition, surrogate model training, and evaluation.
 2025-11-02 17:45:12 +01:00
Matteo Meucci
8e55e6238d Enhance embedding manipulation testing documentation 
Expanded testing scenarios for embedding manipulation, including payloads and expected secure behaviors.
 2025-11-02 17:28:41 +01:00
Matteo Meucci
ae07885a80 Enhance documentation on embedding manipulation testing 
Expanded the section on embedding manipulation to include detailed explanations of vulnerabilities, attack vectors, and testing objectives. Updated suggested tools for testing embedding robustness.
 2025-11-02 17:23:25 +01:00
Matteo Meucci
c99d2969f3 Refine testing documentation for prompt disclosure 
Updated sections for clarity and consistency, including test objectives, expected outputs, and suggested tools.
 2025-10-30 17:38:58 +01:00
Matteo Meucci
d2b2f3b057 Refine content and headings for agentic behavior testing 
Updated section headings for consistency and clarity. Revised text for better readability and precision regarding agentic behavior testing.
 2025-10-30 17:22:31 +01:00
Matteo Meucci
88f15ccb7d Revise section titles for clarity in testing guidelines 
Updated section titles and clarified testing instructions for unsafe outputs.
 2025-10-30 17:18:32 +01:00
Matteo Meucci
8bd00636cd Revise section titles in input leakage testing doc 
Updated section titles for clarity in testing documentation.
 2025-10-30 17:08:58 +01:00
Matteo Meucci
dac1a442f4 Revise test documentation for sensitive data leakage 
Updated sections for clarity and consistency in testing documentation.
 2025-10-30 17:05:34 +01:00
Matteo Meucci
1ca047f15a Update testing document for indirect prompt injection 2025-10-30 17:03:10 +01:00
Matteo Meucci
8a6445b6ae Update testing document for prompt injection techniques 2025-10-30 17:01:39 +01:00
Federico Dotta
76ffd748ba + Tools vulnerabilities 2025-10-28 09:44:46 +01:00
Federico Dotta
e6cc4ffb64 + MCP indirect prompt injection 2025-10-28 09:44:33 +01:00
Nicolas Humblot
e637aa06f2 feat: add structured output attack example with source 2025-10-17 11:50:27 +02:00
marti-jorda-roca
6a81e0318c Add reference to Echo Chamber attack blog 2025-10-16 17:21:47 +02:00
Matteo Meucci
aaffd7e14c Merge pull request #27 from DotDotSlashRepo/main 
Enhancements to testcases
 2025-10-10 10:40:18 +02:00
Matteo Meucci
c0c38b582e Merge pull request #32 from zangobot/main 
Include more testing tools, by dividing them between general-purpouse or domain-specific
 2025-09-09 16:37:06 +02:00