Summary

This repository provides a structured, comprehensive roadmap for learning AI/ML security and penetration testing, with a strong focus on prompt injection and LLM attacks. Aimed at beginners to practitioners, it offers a curated path through free resources to become proficient in securing AI systems.

How It Works

The project outlines a phased learning journey, progressing from foundational security and ML concepts to advanced exploitation techniques and real-world research. It meticulously curates a vast array of free online courses, videos, guides, tools, and practical exercises, enabling a self-directed learning experience. The approach prioritizes a logical skill progression, making complex AI security topics accessible.

Quick Start & Requirements

As a resource guide, there's no direct installation. Prerequisites include general security basics (e.g., PortSwigger Web Security Academy, TryHackMe), Python programming proficiency, and an understanding of APIs/HTTP. Learners will need access to the internet and various free online platforms like Coursera, edX, fast.ai, Hugging Face, and specific interactive labs.

Highlighted Details

• Covers key frameworks like OWASP LLM Top 10 and MITRE ATLAS.
• Features hands-on practice platforms including Gandalf, Prompt Airlines, and Crucible.
• Lists essential offensive tools such as Garak and PyRIT, alongside defensive tools like Rebuff and NeMo Guardrails.
• Details bug bounty programs for major AI providers (OpenAI, Google, Meta) and AI-focused platforms.
• Offers tailored learning paths for Beginner, Intermediate, and Advanced experience levels.

Maintenance & Community

Last updated in 2025, the project welcomes contributions via pull requests. It highlights active communities like AI Village (DEF CON) and OWASP AI Exchange, alongside leading blogs and research outlets in AI security.

Licensing & Compatibility

The roadmap itself does not specify a license. The linked resources are predominantly free or offer audit-free access, but users must verify the individual licenses of each external resource for compatibility, especially for commercial use.

Limitations & Caveats

Being a curated list of free resources, it may not cover all commercial or advanced proprietary tools. The rapidly evolving AI/ML security landscape necessitates continuous updates beyond its last update in 2025. It serves as a learning guide, requiring users to independently set up and utilize separate tools and environments for practical application.