Alternatives and similar repositories for virtual-prompt-injection

Users that are interested in virtual-prompt-injection are comparing it to the libraries listed below

• Lyz1213 / BadEdit
  ☆36Updated last year
• lancopku / agent-backdoor-attacks
  Code&Data for the paper "Watch Out for Your Agents! Investigating Backdoor Threats to LLM-Based Agents" [NeurIPS 2024]
  ☆98Updated last year
• Django-Jiang / BadChain
  [ICLR24] Official Repo of BadChain: Backdoor Chain-of-Thought Prompting for Large Language Models
  ☆43Updated last year
• wang2226 / Trojan-Activation-Attack
  [CIKM 2024] Trojan Activation Attack: Attack Large Language Models using Activation Steering for Safety-Alignment.
  ☆28Updated last year
• AI45Lab / ActorAttack
  ☆111Updated 9 months ago
• byerose / Awesome-Foundation-Model-Security
  A curated list of trustworthy Generative AI papers. Daily updating...
  ☆75Updated last year
• usail-hkust / JailTrickBench
  Bag of Tricks: Benchmarking of Jailbreak Attacks on LLMs. Empirical tricks for LLM Jailbreaking. (NeurIPS 2024)
  ☆155Updated 11 months ago
• YihanWang617 / llm-jailbreaking-defense
  A lightweight library for large laguage model (LLM) jailbreaking defense.
  ☆59Updated 2 months ago
• thu-coai / JailbreakDefense_GoalPriority
  [ACL 2024] Defending Large Language Models Against Jailbreaking Attacks Through Goal Prioritization
  ☆29Updated last year
• OSU-NLP-Group / AmpleGCG
  AmpleGCG: Learning a Universal and Transferable Generator of Adversarial Attacks on Both Open and Closed LLM
  ☆75Updated last year
• BHui97 / PLeak
  ☆67Updated 11 months ago
• Sizhe-Chen / StruQ
  official implementation of [USENIX Sec'25] StruQ: Defending Against Prompt Injection with Structured Queries
  ☆52Updated last week
• YancyKahn / CoA
  Chain of Attack: a Semantic-Driven Contextual Multi-Turn attacker for LLM
  ☆38Updated 10 months ago
• HKUST-KnowComp / LLM-Multistep-Jailbreak
  Code for Findings-EMNLP 2023 paper: Multi-step Jailbreaking Privacy Attacks on ChatGPT
  ☆35Updated 2 years ago
• llm-editing / editing-attack
  Code and dataset for the paper: "Can Editing LLMs Inject Harm?"
  ☆21Updated last year
• uw-nsl / SafeDecoding
  Official Repository for ACL 2024 Paper SafeDecoding: Defending against Jailbreak Attacks via Safety-Aware Decoding
  ☆149Updated last year
• huizhang-L / CodeChameleon
  ☆25Updated last year
• cnut1648 / Model-Fingerprint
  Fingerprint large language models
  ☆43Updated last year
• thunlp / HiddenKiller
  Code and data of the ACL-IJCNLP 2021 paper "Hidden Killer: Invisible Textual Backdoor Attacks with Syntactic Trigger"
  ☆43Updated 3 years ago
• lapisrocks / rpo
  Official repository for "Robust Prompt Optimization for Defending Language Models Against Jailbreaking Attacks"
  ☆59Updated last year
• GodXuxilie / PromptAttack
  An LLM can Fool Itself: A Prompt-Based Adversarial Attack (ICLR 2024)
  ☆105Updated 9 months ago
• arobey1 / smooth-llm
  ☆111Updated 2 years ago
• pasquini-dario / LLM_NeuralExec
  Code to generate NeuralExecs (prompt injection for LLMs)
  ☆25Updated last month
• lancopku / codable-watermarking-for-llm
  Repository for Towards Codable Watermarking for Large Language Models
  ☆38Updated 2 years ago
• rotaryhammer / code-autodan
  An unofficial implementation of AutoDAN attack on LLMs (arXiv:2310.15140)
  ☆44Updated last year
• xyq7 / GradSafe
  Official Code for ACL 2024 paper "GradSafe: Detecting Unsafe Prompts for LLMs via Safety-Critical Gradient Analysis"
  ☆60Updated last year
• tmllab / 2025_ICLR_PiF
  ☆37Updated 6 months ago
• ShiJiawenwen / JudgeDeceiver
  [CCS 2024] Optimization-based Prompt Injection Attack to LLM-as-a-Judge
  ☆35Updated 2 months ago
• Phantivia / T-PGD
  [Findings of ACL 2023] Bridge the Gap Between CV and NLP! A Optimization-based Textual Adversarial Attack Framework.
  ☆13Updated 2 years ago
• CryptoAILab / misalignment
  [NDSS'25] The official implementation of safety misalignment.
  ☆17Updated 10 months ago