This repository provides a benchmark for prompt injection attacks and defenses in LLMs
β395Oct 29, 2025Updated 4 months ago
Alternatives and similar repositories for Open-Prompt-Injection
Users that are interested in Open-Prompt-Injection are comparing it to the libraries listed below
Sorting:
- Repo for the research paper "SecAlign: Defending Against Prompt Injection with Preference Optimization"β86Jul 24, 2025Updated 7 months ago
- Papers and resources related to the security and privacy of LLMs π€β566Jun 8, 2025Updated 8 months ago
- β117Jul 2, 2024Updated last year
- official implementation of [USENIX Sec'25] StruQ: Defending Against Prompt Injection with Structured Queriesβ63Nov 10, 2025Updated 3 months ago
- β698Jul 2, 2025Updated 7 months ago
- The official implementation of our pre-print paper "Automatic and Universal Prompt Injection Attacks against Large Language Models".β69Oct 23, 2024Updated last year
- Official repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Promptsβ566Sep 24, 2024Updated last year
- A Dynamic Environment to Evaluate Attacks and Defenses for LLM Agents.β443Feb 3, 2026Updated 3 weeks ago
- Jailbreaking Leading Safety-Aligned LLMs with Simple Adaptive Attacks [ICLR 2025]β377Jan 23, 2025Updated last year
- TAP: An automated jailbreaking method for black-box LLMsβ221Dec 10, 2024Updated last year
- [USENIX Security 2025] PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented Generation of Large Language Modelsβ234Jan 27, 2026Updated last month
- Bag of Tricks: Benchmarking of Jailbreak Attacks on LLMs. Empirical tricks for LLM Jailbreaking. (NeurIPS 2024)β163Nov 30, 2024Updated last year
- Fine-tuning base models to build robust task-specific modelsβ34Apr 11, 2024Updated last year
- a security scanner for custom LLM applicationsβ1,134Dec 1, 2025Updated 2 months ago
- A benchmark for evaluating the robustness of LLMs and defenses to indirect prompt injection attacks.β104Apr 15, 2024Updated last year
- Code for our NAACL2025 accepted paper: Attention Tracker: Detecting Prompt Injection Attacks in LLMsβ23Sep 19, 2025Updated 5 months ago
- [NeurIPS 2024] Official implementation for "AgentPoison: Red-teaming LLM Agents via Memory or Knowledge Base Backdoor Poisoning"β199Apr 12, 2025Updated 10 months ago
- Every practical and proposed defense against prompt injection.β642Feb 22, 2025Updated last year
- A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).β1,865Jan 24, 2026Updated last month
- [ACL 2025] The official implementation of the paper "PIGuard: Prompt Injection Guardrail via Mitigating Overdefense for Free".β59Dec 4, 2025Updated 2 months ago
- Code&Data for the paper "Watch Out for Your Agents! Investigating Backdoor Threats to LLM-Based Agents" [NeurIPS 2024]β109Sep 27, 2024Updated last year
- β195Nov 26, 2023Updated 2 years ago
- [ICML 2025] An official source code for paper "FlipAttack: Jailbreak LLMs via Flipping".β165May 2, 2025Updated 9 months ago
- JailbreakBench: An Open Robustness Benchmark for Jailbreaking Language Models [NeurIPS 2024 Datasets and Benchmarks Track]β531Apr 4, 2025Updated 10 months ago
- PromptInject is a framework that assembles prompts in a modular fashion to provide a quantitative analysis of the robustness of LLMs to aβ¦β455Feb 26, 2024Updated 2 years ago
- [ICML 2024] COLD-Attack: Jailbreaking LLMs with Stealthiness and Controllabilityβ176Dec 18, 2024Updated last year
- β39May 17, 2025Updated 9 months ago
- Agent Security Bench (ASB)β186Oct 27, 2025Updated 4 months ago
- Awesome-Jailbreak-on-LLMs is a collection of state-of-the-art, novel, exciting jailbreak methods on LLMs. It contains papers, codes, dataβ¦β1,221Feb 6, 2026Updated 3 weeks ago
- The automated prompt injection framework for LLM-integrated applications.β254Sep 12, 2024Updated last year
- [CCS 2024] Optimization-based Prompt Injection Attack to LLM-as-a-Judgeβ39Sep 17, 2025Updated 5 months ago
- [COLM 2024] JailBreakV-28K: A comprehensive benchmark designed to evaluate the transferability of LLM jailbreak attacks to MLLMs, and furβ¦β87May 9, 2025Updated 9 months ago
- Code to generate NeuralExecs (prompt injection for LLMs)β27Oct 5, 2025Updated 4 months ago
- We jailbreak GPT-3.5 Turboβs safety guardrails by fine-tuning it on only 10 adversarially designed examples, at a cost of less than $0.20β¦β339Feb 23, 2024Updated 2 years ago
- [ICLR 2024] The official implementation of our ICLR2024 paper "AutoDAN: Generating Stealthy Jailbreak Prompts on Aligned Large Language Mβ¦β430Jan 22, 2025Updated last year
- Universal and Transferable Attacks on Aligned Language Modelsβ4,521Aug 2, 2024Updated last year
- Indirect Prompt Injection Methodology (IPIM) - A structured process which security professionals can use to find Indirect Prompt Injectioβ¦β18Jul 28, 2025Updated 7 months ago
- β19Jan 5, 2026Updated last month
- Code for the API, workload execution, and agents underlying the LLMail-Inject Adpative Prompt Injection Challengeβ19Feb 13, 2026Updated 2 weeks ago