Alternatives and similar repositories for jailbreak-bench

Users that are interested in jailbreak-bench are comparing it to the libraries listed below

• xirui-li / DrAttack
  Official implementation of paper: DrAttack: Prompt Decomposition and Reconstruction Makes Powerful LLM Jailbreakers
  ☆66Updated last year
• ltroin / llm_attack_defense_arena
  ☆83Updated 3 months ago
• WUSTL-CSPL / LLMJailbreak
  ☆37Updated last year
• CryptoAILab / FigStep
  [AAAI'25 (Oral)] Jailbreaking Large Vision-language Models via Typographic Visual Prompts
  ☆183Updated 5 months ago
• NJUNLP / ReNeLLM
  The official implementation of our NAACL 2024 paper "A Wolf in Sheep’s Clothing: Generalized Nested Jailbreak Prompts can Fool Large Lang…
  ☆149Updated 3 months ago
• RICommunity / TAP
  TAP: An automated jailbreaking method for black-box LLMs
  ☆202Updated last year
• NY1024 / Foundation-Model-Paper-Notes
  ☆69Updated 6 months ago
• BHui97 / PLeak
  ☆73Updated last year
• SheltonLiu-N / AutoDAN
  [ICLR 2024] The official implementation of our ICLR2024 paper "AutoDAN: Generating Stealthy Jailbreak Prompts on Aligned Large Language M…
  ☆408Updated 10 months ago
• Lyz1213 / BadEdit
  ☆36Updated last year
• usail-hkust / JailTrickBench
  Bag of Tricks: Benchmarking of Jailbreak Attacks on LLMs. Empirical tricks for LLM Jailbreaking. (NeurIPS 2024)
  ☆156Updated last year
• sleeepeer / PoisonedRAG
  [USENIX Security 2025] PoisonedRAG: Knowledge Corruption Attacks to Retrieval-Augmented Generation of Large Language Models
  ☆220Updated last month
• huizhang-L / CodeChameleon
  ☆25Updated last year
• tmlr-group / DeepInception
  [arXiv:2311.03191] "DeepInception: Hypnotize Large Language Model to Be Jailbreaker"
  ☆165Updated last year
• uw-nsl / ArtPrompt
  [ACL24] Official Repo of Paper `ArtPrompt: ASCII Art-based Jailbreak Attacks against Aligned LLMs`
  ☆90Updated 4 months ago
• LLM-DRA / DRA
  [USENIX Security'24] Official repository of "Making Them Ask and Answer: Jailbreaking Large Language Models in Few Queries via Disguise a…
  ☆109Updated last year
• bboylyg / BackdoorLLM
  [NeurIPS 2025] BackdoorLLM: A Comprehensive Benchmark for Backdoor Attacks and Defenses on Large Language Models
  ☆258Updated last month
• Unispac / Visual-Adversarial-Examples-Jailbreak-Large-Language-Models
  Repository for the Paper (AAAI 2024, Oral) --- Visual Adversarial Examples Jailbreak Large Language Models
  ☆260Updated last year
• SolidShen / BAIT
  🔥🔥🔥 Detecting hidden backdoors in Large Language Models with only black-box access
  ☆50Updated 6 months ago
• JailbreakBench / jailbreakbench
  JailbreakBench: An Open Robustness Benchmark for Jailbreaking Language Models [NeurIPS 2024 Datasets and Benchmarks Track]
  ☆493Updated 8 months ago
• NY1024 / Jailbreak_GPT4o
  ☆26Updated last year
• YancyKahn / CoA
  Chain of Attack: a Semantic-Driven Contextual Multi-Turn attacker for LLM
  ☆39Updated 11 months ago
• AI45Lab / ActorAttack
  ☆113Updated 10 months ago
• DPamK / BadAgent
  ☆26Updated 9 months ago
• HKUST-KnowComp / LLM-Multistep-Jailbreak
  Code for Findings-EMNLP 2023 paper: Multi-step Jailbreaking Privacy Attacks on ChatGPT
  ☆35Updated 2 years ago
• AI-secure / AgentPoison
  [NeurIPS 2024] Official implementation for "AgentPoison: Red-teaming LLM Agents via Memory or Knowledge Base Backdoor Poisoning"
  ☆181Updated 8 months ago
• liu00222 / Open-Prompt-Injection
  This repository provides a benchmark for prompt injection attacks and defenses in LLMs
  ☆361Updated last month
• RylanSchaeffer / AstraFellowship-When-Do-VLM-Image-Jailbreaks-Transfer
  Code for ICLR 2025 Failures to Find Transferable Image Jailbreaks Between Vision-Language Models
  ☆35Updated 6 months ago
• ledllm / ledllm
  ☆25Updated last year
• wang2226 / Trojan-Activation-Attack
  [CIKM 2024] Trojan Activation Attack: Attack Large Language Models using Activation Steering for Safety-Alignment.
  ☆29Updated last year