ai-exploits by protectai

AI exploit collection for disclosed vulnerabilities

created 1 year ago
1,637 stars

Top 26.3% on sourcepulse

Project Summary

This repository provides a curated collection of real-world exploits and scanning templates for disclosed vulnerabilities in AI/ML tools and frameworks, aimed at security professionals and researchers. It sets out to demystify practical attacks against ML infrastructure, highlighting systemic weaknesses that go beyond LLM inputs, and to enable proactive defense.

How It Works

The collection is organized by vulnerable tool. Each entry contains Metasploit modules for exploitation, Nuclei templates for large-scale scanning, and CSRF templates for web-based attacks. This multi-faceted approach supports both targeted exploitation and broad vulnerability assessment across the ML ecosystem.

Quick Start & Requirements

  • Install/Run: Use the provided Dockerfile to build and run the image.
    • git clone https://github.com/protectai/ai-exploits && cd ai-exploits
    • docker build -t protectai/ai-exploits .
    • docker run -it --rm protectai/ai-exploits /bin/bash
  • Prerequisites: Docker. Metasploit and Nuclei are pre-installed within the Docker image.
  • Resources: Building the Docker image and running exploits may require significant system resources depending on the target.
  • Links: Demo Video

Highlighted Details

  • Collection includes Metasploit modules, Nuclei templates, and CSRF templates.
  • Vulnerabilities affect tools used in building, training, and deploying ML models.
  • Exploits can lead to system takeovers, data loss, or credential theft, often without authentication.
  • Focuses on responsibly disclosed vulnerabilities identified by Protect AI and independent researchers.

Maintenance & Community

The repository is maintained by Protect AI. Contribution guidelines are available for community involvement.

Licensing & Compatibility

  • License: Apache 2.0 License.
  • Compatibility: Permissive license suitable for commercial use and integration with closed-source projects.

Limitations & Caveats

The repository contains exploits for real-world vulnerabilities, so it carries real risk if used without proper authorization or understanding. Exploitation requires a target environment running the affected tool in a specific vulnerable configuration.

Health Check

  • Last commit: 9 months ago
  • Responsiveness: 1+ week
  • Pull Requests (30d): 0
  • Issues (30d): 0
  • Star History: 53 stars in the last 90 days
