Learn how to conduct prompt injection testing on GenAI/LLM-powered features using spikee in this 23-minute security testing tutorial. Explore a practical demonstration using a WebMail application to understand the process of creating targeted datasets for specific attack outcomes. Master both Burp Suite Intruder and spikee's custom target support through Python for comprehensive security assessments. Follow along with hands-on examples showing how to identify vulnerabilities in LLM applications, create effective test cases, and execute attacks using different tools. Gain insights into adjusting test parameters and implementing security testing methodologies specifically designed for LLM-powered features beyond traditional chatbot scenarios.
Testing Prompt Injection in LLM Applications with Spikee - Part 3
Overview
Syllabus
00:00 - Introduction
00:47 - LLM WebMail Demo Use Case
02:39 - Creating a Custom Dataset
08:40 - Running the Attack With Burp Intruder
12:23 - Running the Attack with a Custom Target Script
19:18 - Changing the Number of Attempts
21:37 - Summary
Taught by
Donato Capitella
Related Courses
-
Red Teaming LLM Applications
-
Ethical Hacking 101: Web App Penetration Testing - a full course for beginners
4.6 -
Spikee: A Simple Prompt Injection Kit for Evaluation and Exploitation of LLMs
-
Hands-on Tutorial: Generating and Testing Custom Prompt Injection Datasets with Spikee - Part 2
-
Ethical Hacking against and with AI/LLM/ML (Lite Version!)
-
Learn Burp Suite, the Nr. 1 Web Hacking Tool
