LLMFuzzer is the first open-source fuzzing framework specifically designed for Large Language Models (LLMs), especially for their integrations in applications via LLM APIs. ππ₯
If you're a security enthusiast, a pentester, or a cybersec researcher who loves to find and exploit vulnerabilities in AI systems, LLMFuzzer is the perfect tool for you. It's built to make your testing process streamlined and efficient. π΅οΈββοΈ
- Robust fuzzing for LLMs π§ͺ
- LLM API integration testing π οΈ
- Wide range of fuzzing strategies π
- Modular architecture for easy extendability π
- Clone the repo
git clone https://github.com/mnns/LLMFuzzer.git
- Navigate to the project directory
cd LLMFuzzer
- Install dependencies
pip install -r requirements.txt
- Edit llmfuzzer.cfg with your LLM API endpoint (LLMFuzzer -> Your Application -> LLM)
Connection:
Type: HTTP-API
Url: "http://localhost:3000/chat" # Your LLM API
Content: JSON
Query-Attribute: "query" # Your JSON query attribute
Output-Attribute: "answer" # Your JSON response attribute
Headers: {'enwiki_session': '17ab96bd8ffbe8ca58a78657a918558'} # Add HTTP Headers if needed
Cookie: {'enwiki_session': '17ab96bd8ffbe8ca58a78657a918558'} # Add Cookies if needed
- Run LLMFuzzer
python main.py
We are working on full documentation. It will cover detailed information about the architecture, different fuzzing strategies, examples, and how to extend the tool.
We welcome all contributors who are passionate about improving LLMFuzzer. See our contributing guidelines for ways to get started. π€
LLMFuzzer is licensed under the MIT License. See the LICENSE file for more details.
LLMFuzzer couldn't exist without the community. We appreciate all our contributors and supporters. Let's make AI safer together! π