https://github.com/mnns/LLMFuzzer

🧠 LLMFuzzer - Fuzzing Framework for Large Language Models 🧠 LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integrations in applications via LLM APIs. 🚀💥
https://github.com/mnns/LLMFuzzer

ai cybersecurity llm llmsecurity

Last synced: about 1 year ago
JSON representation

🧠 LLMFuzzer - Fuzzing Framework for Large Language Models 🧠 LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integrations in applications via LLM APIs. 🚀💥

• Host: GitHub
• URL: https://github.com/mnns/LLMFuzzer
• Owner: mnns
• License: mit
• Created: 2023-05-20T16:40:00.000Z (about 3 years ago)
• Default Branch: main
• Last Pushed: 2024-02-12T07:22:56.000Z (over 2 years ago)
• Last Synced: 2024-11-05T10:44:33.056Z (over 1 year ago)
• Topics: ai, cybersecurity, llm, llmsecurity
• Language: Python
• Homepage:
• Size: 50.8 KB
• Stars: 230
• Watchers: 4
• Forks: 33
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• Awesome-LLM4Security - LLMFuzzer
• Awesome-OSINT-List - LLM Fuzzer - Fuzzing framework for finding vulnerabilities in LLMs. (LLM SECURITY / AI SECURITY / LLM Vulnerability Testing)
• awesome-llm-security - LLMFuzzer
• awesome-gpt-security - LLMFuzzer - LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integrations in applications via LLM APIs. (Tools / Detecting)
• awesome-ai-security - LLMFuzzer - _LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integrations in applications via LLM APIs._ (Attack Techniques & Red Teaming / LLM & GenAI Red Teaming)
• Awesome-Hacking-Resources - LLMFuzzer
• awesome-ai-testing - LLMFuzzer - Early open-source fuzzing framework for testing LLMs via their API integrations. No longer actively maintained (last commit early 2024) but still referenced in LLM security lists. (LLM and AI System Testing)

README

          


# 🧠 LLMFuzzer - Fuzzing Framework for Large Language Models 🧠

![LLMFuzzer-shell](https://github.com/mnns/LLMFuzzer/assets/1796080/71b006df-706c-43f6-acd1-49646dbcb0e5)

![Version](https://img.shields.io/badge/version-1.0.0-blue)

![License](https://img.shields.io/badge/license-MIT-green)

![Stars](https://img.shields.io/github/stars/mnns/LLMFuzzer)

![Forks](https://img.shields.io/github/forks/mnns/LLMFuzzer)

![Issues](https://img.shields.io/github/issues/mnns/LLMFuzzer)

[![forthebadge](https://forthebadge.com/images/badges/built-with-love.svg)](https://forthebadge.com)

[![forthebadge](https://forthebadge.com/images/badges/contains-cat-gifs.svg)](https://forthebadge.com)

[![forthebadge](https://forthebadge.com/images/badges/not-a-bug-a-feature.svg)](https://forthebadge.com)



----------------------------------------------------------------

## Project Status: Unmaintained

This project is no longer actively maintained. You are welcome to fork and continue its development on your own. Thank you for your interest and support.

----------------------------------------------------------------

LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integrations in applications via LLM APIs. 🚀💥

## 🎯 Who is this for?

If you're a security enthusiast, a pentester, or a cybersec researcher who loves to find and exploit vulnerabilities in AI systems, LLMFuzzer is the perfect tool for you. It's built to make your testing process streamlined and efficient. 🕵️‍♀️

![Untitled](https://github.com/mnns/LLMFuzzer/assets/1796080/a143897d-383c-4ed9-8b2f-65f4cdc5aa63)

## 🌟 Features

- Robust fuzzing for LLMs 🧪

- LLM API integration testing 🛠️

- Wide range of fuzzing strategies 🌀

- Modular architecture for easy extendability 📚

## 🔥 Roadmap

* Adding more attacks

* HTML Report as output

* Multiple Connectors (JSON-POST, RAW-POST, QUERY-GET)

* Multiple Comparers

* Proxy Support

* Dual-LLM (Side LLM observation)

* Autonomous Attack Mode

## 🚀 Get Started

1. Clone the repo

```bash

git clone https://github.com/mnns/LLMFuzzer.git

```

2. Navigate to the project directory

```bash

cd LLMFuzzer

```

3. Install dependencies

```bash

pip install -r requirements.txt

```

4. Edit **llmfuzzer.cfg** with your LLM API endpoint (LLMFuzzer -> Your Application -> LLM)

```bash

Connection: 

  Type: HTTP-API

  Url: "http://localhost:3000/chat" # Your LLM API

  Content: JSON

  Query-Attribute: "query" # Your JSON query attribute

  Output-Attribute: "answer" # Your JSON response attribute

  Headers: {'enwiki_session': '17ab96bd8ffbe8ca58a78657a918558'} # Add HTTP Headers if needed 

  Cookie: {'enwiki_session': '17ab96bd8ffbe8ca58a78657a918558'} # Add Cookies if needed

```

5. Run LLMFuzzer

```bash

python main.py

```

## 📚 Documentation

We are working on full documentation. It will cover detailed information about the architecture, different fuzzing strategies, examples, and how to extend the tool.

## 🤝 Contributing

We welcome all contributors who are passionate about improving LLMFuzzer. See our contributing guidelines for ways to get started. 🤗

## 💼 License

LLMFuzzer is licensed under the MIT License. See the LICENSE file for more details.

## 🎩 Acknowledgments

LLMFuzzer couldn't exist without the community. We appreciate all our contributors and supporters. Let's make AI safer together! 💖