This repository provides a benchmark for prompt injection attacks and defenses in LLMs
β409Oct 29, 2025Updated 4 months ago
Alternatives and similar repositories for Open-Prompt-Injection
Users that are interested in Open-Prompt-Injection are comparing it to the libraries listed below
Sorting:
- Papers and resources related to the security and privacy of LLMs π€β570Jun 8, 2025Updated 9 months ago
- Repo for the research paper "SecAlign: Defending Against Prompt Injection with Preference Optimization"β89Jul 24, 2025Updated 7 months ago
- β704Jul 2, 2025Updated 8 months ago
- The official implementation of our pre-print paper "Automatic and Universal Prompt Injection Attacks against Large Language Models".β69Oct 23, 2024Updated last year
- official implementation of [USENIX Sec'25] StruQ: Defending Against Prompt Injection with Structured Queriesβ65Nov 10, 2025Updated 4 months ago
- β121Jul 2, 2024Updated last year
- Code for our NAACL2025 accepted paper: Attention Tracker: Detecting Prompt Injection Attacks in LLMsβ23Sep 19, 2025Updated 6 months ago
- A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents.β488Mar 12, 2026Updated last week
- [USENIX Security 2025] PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented Generation of Large Language Modelsβ244Jan 27, 2026Updated last month
- TAP: An automated jailbreaking method for black-box LLMsβ222Dec 10, 2024Updated last year
- Official repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Promptsβ572Feb 27, 2026Updated 3 weeks ago
- Jailbreaking Leading Safety-Aligned LLMs with Simple Adaptive Attacks [ICLR 2025]β380Jan 23, 2025Updated last year
- A benchmark for evaluating the robustness of LLMs and defenses to indirect prompt injection attacks.β108Apr 15, 2024Updated last year
- Fine-tuning base models to build robust task-specific modelsβ34Apr 11, 2024Updated last year
- [NeurIPS 2024] Official implementation for "AgentPoison: Red-teaming LLM Agents via Memory or Knowledge Base Backdoor Poisoning"β203Apr 12, 2025Updated 11 months ago
- [ICML 2025] An official source code for paper "FlipAttack: Jailbreak LLMs via Flipping".β168May 2, 2025Updated 10 months ago
- Bag of Tricks: Benchmarking of Jailbreak Attacks on LLMs. Empirical tricks for LLM Jailbreaking. (NeurIPS 2024)β162Nov 30, 2024Updated last year
- Code for the API, workload execution, and agents underlying the LLMail-Inject Adpative Prompt Injection Challengeβ21Mar 1, 2026Updated 2 weeks ago
- a security scanner for custom LLM applicationsβ1,149Dec 1, 2025Updated 3 months ago
- PromptInject is a framework that assembles prompts in a modular fashion to provide a quantitative analysis of the robustness of LLMs to aβ¦β465Feb 26, 2024Updated 2 years ago
- Every practical and proposed defense against prompt injection.β659Feb 22, 2025Updated last year
- Agent Security Bench (ASB)β201Oct 27, 2025Updated 4 months ago
- β196Nov 26, 2023Updated 2 years ago
- A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).β1,882Mar 4, 2026Updated 2 weeks ago
- Indirect Prompt Injection Methodology (IPIM) - A structured process which security professionals can use to find Indirect Prompt Injectioβ¦β18Jul 28, 2025Updated 7 months ago
- [ACL 2025] The official implementation of the paper "PIGuard: Prompt Injection Guardrail via Mitigating Overdefense for Free".β63Dec 4, 2025Updated 3 months ago
- JailbreakBench: An Open Robustness Benchmark for Jailbreaking Language Models [NeurIPS 2024 Datasets and Benchmarks Track]β546Apr 4, 2025Updated 11 months ago
- Awesome-Jailbreak-on-LLMs is a collection of state-of-the-art, novel, exciting jailbreak methods on LLMs. It contains papers, codes, dataβ¦β1,254Updated this week
- Code&Data for the paper "Watch Out for Your Agents! Investigating Backdoor Threats to LLM-Based Agents" [NeurIPS 2024]β111Sep 27, 2024Updated last year
- [ICML 2024] COLD-Attack: Jailbreaking LLMs with Stealthiness and Controllabilityβ176Dec 18, 2024Updated last year
- β40May 17, 2025Updated 10 months ago
- Universal and Transferable Attacks on Aligned Language Modelsβ4,568Aug 2, 2024Updated last year
- [COLM 2024] JailBreakV-28K: A comprehensive benchmark designed to evaluate the transferability of LLM jailbreak attacks to MLLMs, and furβ¦β88May 9, 2025Updated 10 months ago
- We jailbreak GPT-3.5 Turboβs safety guardrails by fine-tuning it on only 10 adversarially designed examples, at a cost of less than $0.20β¦β345Feb 23, 2024Updated 2 years ago
- [CCS 2024] Optimization-based Prompt Injection Attack to LLM-as-a-Judgeβ40Sep 17, 2025Updated 6 months ago
- [ICLR 2024] The official implementation of our ICLR2024 paper "AutoDAN: Generating Stealthy Jailbreak Prompts on Aligned Large Language Mβ¦β434Jan 22, 2025Updated last year
- [ICLR 2025] Dissecting adversarial robustness of multimodal language model agentsβ134Feb 19, 2025Updated last year
- The automated prompt injection framework for LLM-integrated applications.β258Sep 12, 2024Updated last year
- code of paper "Defending Against Alignment-Breaking Attacks via Robustly Aligned LLM"β14Nov 17, 2023Updated 2 years ago