This repository offers a comprehensive, self-paced training curriculum for security researchers focused on red teaming Generative AI (GenAI) and AI/ML systems. It equips users with offensive security techniques, including adversarial attacks, prompt injection, data extraction, and model manipulation, enabling better defense strategies. The target audience comprises technically savvy individuals with intermediate to advanced backgrounds in machine learning and a keen interest in AI/ML security.

How It Works

The curriculum is structured into eight sequential modules, progressing from foundational concepts of AI/ML security and LLM architecture to advanced adversarial techniques. Each module combines theoretical markdown documents with hands-on Jupyter notebooks. The approach leverages industry-standard tools like IBM's Adversarial Robustness Toolbox (ART), TextAttack, and SHAP, integrated directly into the labs. This practical, tool-driven methodology allows users to directly apply and test adversarial methods against AI systems.

Quick Start & Requirements

• Installation: Clone the repository, create a Python 3.12+ virtual environment, and install dependencies via pip install -r requirements.txt. Labs automatically install additional required packages.
• Prerequisites: Python 3.12+, basic ML understanding, familiarity with Jupyter notebooks. Access to a GPU is recommended for certain exercises.
• Estimated Setup: 10-15 minutes.
• Resources: Refer to QUICK_START.md for initial setup.

Highlighted Details

• Features 8 complete modules and 40 hands-on Jupyter Notebooks covering a wide range of GenAI security topics.
• Integrates key industry-standard security testing frameworks: Adversarial Robustness Toolbox (ART), TextAttack, and SHAP.
• Labs include automatic device detection for optimal performance on NVIDIA CUDA, Apple Silicon MPS, or CPU.
• Provides companion resources for foundational GenAI and LLM security concepts.

Maintenance & Community

The repository is maintained by @schwartz1375. No specific community channels (e.g., Discord, Slack), roadmap, or sponsorship information is detailed in the README.

Licensing & Compatibility

The README does not specify a software license. This omission requires clarification regarding usage rights, particularly for commercial applications or integration into closed-source projects.

Limitations & Caveats

This training is strictly intended for security research, defensive improvements, and educational purposes. It explicitly prohibits malicious attacks on production systems, unauthorized testing, or illegal activities. Users must obtain proper authorization before testing any system. Some exercises may be impractical without a recommended GPU.