This is an empirical, non-academic, and practical guide to LLM hacking. This repository is the source code for the LLM Hacker's Handbook . For the best experience, we recommend viewing this handbook at doublespeak.chat .

2025年3月3日 · Since the Sysdig Threat Research Team (TRT) initially discovered LLM jacking in May 2024, the attack methodology has evolved substantially. As large language models (LLMs) develop further and find new uses, hackers are becoming more nimble and learning new ways to exploit these sophisticated systems.. The rapid targeting of emerging LLMs like DeepSeek is especially notable.

LLM-Driven Malware LLMorphism : A self-replicating agent that uses GPT-3.5 as a metamorphic engine, by Second Part to Hell. Darwin-GPT : A minimal self-replicating agent based on GPT-3.5/4, by Bernhard Mueller.

2024年8月1日 · This is the official repository for "Universal and Transferable Adversarial Attacks on Aligned Language Models" by Andy Zou, Zifan Wang, Nicholas Carlini, Milad Nasr, J. Zico Kolter, and Matt Fredrikson. Check out our website and demo here.

These attacks, known as prompt hacking, can be used to trick LLMs based apps into generating unintended or malicious output. This project aims to provide a valuable resource to raise awareness of prompt hacking attacks and the security risks they pose.

2024年2月6日 · In this work, we show that LLM agents can autonomously hack websites, performing tasks as complex as blind database schema extraction and SQL injections without human feedback. Importantly, the agent does not need to know the vulnerability beforehand.

2024年11月29日 · Prompt Injection is a new type of attack on LLM models, Hackers hide malicious inputs as a legitimate prompts abusing generative LLM models to leak sensitive data, spreading...

2024年10月28日 · Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defense strategy tailored to counter LLM-driven cyberattacks.

2025年2月27日 · When an LLM interacts with serialized data—whether JSON, pickle, protobufs, or custom formats—hackers should look for improper deserialization mechanisms that allow them to inject arbitrary objects, execute remote code, or tamper with application logic.

2024年4月30日 · Recently researchers have discovered that LLMs can actually hack websites all by themselves. In this article, we’ll take you on a journey to explore the fascinating world of LLMs and their newfound ability to hack websites. We’ll break down what this means, how it works, and what it could mean for the future of cybersecurity.