Arcanum AI Sec Resource Hub

Interactive AI escape room challenge where participants use prompt injection techniques to outsmart AI chatbot supervisors and reveal secret passcodes. Features $10K competition with global leaderboard.

• Virtual escape room scenarios
• AI chatbot prompt injection
• Multi-level difficulty progression
• Global leaderboard competition
• Real-world prompt engineering
• Professional security platform

Open-source community-driven LLM red-teaming platform featuring gamified AI security challenges. Players have 60 seconds to convince models to say target words using jailbreaking techniques.

• Gamified LLM red-teaming
• 60-second jailbreak challenges
• Community-driven platform
• Elo scoring system
• No registration required
• Open-source codebase

World's largest AI red-teaming competition with $100,000+ prize pool by Learn Prompting & OpenAI. Multiple tracks for discovering AI vulnerabilities through jailbreaking and prompt engineering attacks.

• $100,000+ total prize pool
• CBRNE, Agents, and Classic GenAI tracks
• Shortest jailbreak challenges
• 2-month competition duration
• Educational tutorials included
• OpenAI partnership

Competitive AI safety and alignment arena featuring prompt injection challenges, model evaluation, and red-teaming competitions. Test your skills against various AI models in structured competitive scenarios.

• Model evaluation challenges
• Prompt injection competitions
• AI safety testing scenarios
• Structured competitive format
• Multiple AI model targets
• Community-driven platform

Interactive LLM hacking challenge created by All About AI. Test your prompt engineering and jailbreaking skills through progressively difficult levels designed to push the boundaries of AI security and model manipulation.

• Progressive difficulty challenges
• Prompt injection techniques
• Jailbreak scenarios
• Real-time feedback system
• Community leaderboard
• Educational content creator challenge
• Browser-based interface

Official Anthropic bug bounty program for reporting security vulnerabilities in Claude AI systems and infrastructure. Submit security findings through their responsible disclosure process.

• Official Anthropic program
• Claude AI system vulnerabilities
• Infrastructure security issues
• Responsible disclosure process
• Professional security research
• Direct impact on AI safety

OpenAI's bug bounty program hosted on Bugcrowd for discovering security vulnerabilities in ChatGPT, GPT API, and related OpenAI services and infrastructure.

• Bugcrowd hosted program
• ChatGPT & GPT API scope
• OpenAI infrastructure targets
• Professional bounty rewards
• Security research community
• Industry-leading AI security

Google's Abuse Vulnerability Reward Program for Gemini AI models and services. Part of Google's Bug Hunters program focusing on AI safety and security vulnerabilities.

• Google Bug Hunters program
• Gemini AI model vulnerabilities
• Abuse & safety vulnerability focus
• Professional reward structure
• Google AI services scope
• Industry-standard disclosure process

Mozilla's 0-Day Investigative Network GenAI bug bounty program targeting vulnerabilities in large language models and generative AI systems. Rewards up to $15,000 for critical discoveries.

• $500 - $15,000 reward range
• Guardrail jailbreak research
• Prompt injection vulnerabilities
• Training data leakage detection
• Mozilla partnership program
• GenAI security focus

Extended version of P4RS3LT0NGV3 with additional payload generation techniques. Advanced prompt injection payload generator with 30+ text transformation techniques for LLM security testing and red teaming.

• 30+ text transformation methods
• Extended payload generation techniques
• Unicode and encoding obfuscation
• Mathematical and linguistic transformations
• Real-time payload preview
• Copy-to-clipboard functionality
• Additional custom transformations

Original P4RS3LT0NGV3 by Elder Plinius. A prompt injection payload generator that creates obfuscated prompts using various text transformation techniques to test LLM security controls and filters.

• 20+ text transformation techniques
• Leetspeak and character substitution
• ROT13 and Caesar cipher encoding
• Reverse text and word scrambling
• Homoglyph and lookalike characters
• Morse code and phonetic spelling
• 📂 View Source Code

Microsoft's Python Risk Identification Tool for Generative AI (PyRIT). An open-source automation framework designed to empower security professionals and ML engineers to proactively identify risks in AI systems through automated red teaming.

• Automated AI red teaming framework
• Multi-turn attack orchestration
• Prompt injection automation
• Jailbreak technique library
• Risk assessment scoring
• Extensible attack strategies
• Integration with Azure AI services
• Comprehensive documentation & examples
• 📂 View Source Code

NVIDIA's comprehensive LLM vulnerability scanner that probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses in Large Language Models. Think of it as "nmap for LLMs".

• 40+ probe modules for different vulnerabilities
• Supports multiple LLM providers (OpenAI, Hugging Face, etc.)
• Automated vulnerability scanning
• Jailbreak detection and testing
• Toxicity and bias evaluation
• Data leakage detection
• Hallucination testing
• JSON and HTML reporting
• Extensible plugin architecture
• 📂 View Source Code

Open-source LLM testing and red teaming framework for evaluating prompt quality, catching regressions, and identifying vulnerabilities. Test your prompts, agents, and RAG applications for security, quality, and performance issues.

• Automated red teaming with 15+ attack types
• OWASP LLM Top 10 vulnerability testing
• Prompt injection & jailbreak detection
• PII leakage and data security testing
• Hallucination and factuality checking
• Custom security policy enforcement
• Side-by-side model comparison
• CI/CD integration support
• Web UI for visual test management
• 📂 View Source Code

Advanced AI security analysis platform for comprehensive testing of LLM applications. Provides automated vulnerability assessment, prompt injection testing, and security posture evaluation for AI systems with enterprise-grade reporting.

• Automated security assessment workflows
• Comprehensive prompt injection testing
• Jailbreak attempt detection
• Data exfiltration prevention testing
• Model behavior analysis
• Security compliance checking
• Real-time threat monitoring
• Enterprise reporting dashboard
• API security testing

PyRIT-Ship is a prototype project that extends Microsoft's PyRIT (Python Risk Identification Toolkit) by providing API integration capabilities for security testing tools. Features a Python Flask server and Burp Suite Intruder extension for AI safety testing.

• PyRIT API server with Flask implementation
• Burp Suite Intruder extension integration
• Prompt generation and scoring capabilities
• Experimental AI vulnerability testing
• Microsoft AI Red Team project
• Community-driven development
• Flexible integration for security tools
• Prototype approach to AI safety testing
• Open-source passion project
• 📂 View Source Code

Comprehensive taxonomy and classification system for prompt injection attacks developed by Arcanum Security. A structured framework for understanding, categorizing, and analyzing different types of prompt injection vulnerabilities and attack vectors.

• Systematic attack classification framework
• Comprehensive vulnerability taxonomy
• Research-based methodology
• Attack vector categorization
• Security assessment guidelines
• Educational reference material
• Open-source research contribution
• 📂 View Repository

Comprehensive penetration testing questionnaire for AI systems developed by Arcanum Security. A structured assessment guide covering security evaluation criteria, attack vectors, and vulnerability assessment methodologies for AI/LLM applications.

• Structured pentest assessment framework
• AI-specific security evaluation criteria
• Comprehensive vulnerability checklist
• Attack vector identification guide
• Security assessment methodology
• Professional pentesting resource
• Industry best practices
• 📂 View Questionnaire

Enterprise AI deployment ecosystem mapping project by Arcanum Security. Maps applications and components in the orbit of enterprise AI deployments to help AI pentesters identify and include all relevant components in their security testing scope.

• Enterprise AI deployment mapping
• Component identification for pentesters
• AI infrastructure ecosystem analysis
• Testing scope expansion guidance
• Adjacent system identification
• Enterprise architecture components
• AI supply chain mapping
• Comprehensive testing coverage
• 📂 View Ecosystem