Lazy Hacker

  An adaptive LLM security assessment framework for authorised red teams. Burp-Suite-style intruder for Large Language Model applications — with adaptive intelligence, 633+ curated payloads, session replay, and evidence-grade reporting. Download:   https://github.com/crazywifi/llm-Intruder What is LLM-Intruder? LLM-Intruder is an open-source framework for systematically assessing the security of Large Language Model (LLM) applications — chatbots, copilots, RAG systems, AI agents, MCP tool servers, and any application that exposes an LLM to users. It combines the breadth of a curated attack library (49 catalogues, 633+ payloads, 22 mutation strategies, 20 encoding techniques) with the depth of an adaptive hunting loop that learns from each response. You point it at a target — a web chat UI, an OpenAI-compatible API, a Burp Suite request — and it probes, mutates, and reports. Purpose Find bypass conditions in LLM applications before attackers do: Prompt injection and jailbreak...

URL:   https://crazywifi.github.io/Redteam_LLM_Injection_payloads/ Project Overview The LLM Red Team Payload Vault is a comprehensive, production-ready library of adversarial prompt injection vectors designed for security researchers, pentest teams, and AI developers. This repository consolidates 700+ unique attack payloads merged from industry-standard red teaming tools (such as Promptfoo, Garak, and PyRIT) and exhaustive academic research compendiums. The dataset is organized into 15 specialized categories, providing a structured approach to testing the robustness of Large Language Models (LLMs) and autonomous agents. Key Features Massive Dataset: Includes 700+ deduplicated payloads ranging from simple overrides to complex cryptographic and multi-turn attacks. Structured Taxonomy: Payloads are categorized based on the OWASP Top 10 for LLM Applications, including Direct Injection (LLM01), Sensitive Info Disclosure (LLM02), and System Prompt Leakage (LLM07). Complex Attack Chains: ...

Are you a trader, analyst, or data enthusiast looking for reliable historical stock market data for India? Look no further! I am offering a  comprehensive dataset  covering  Indian stock data from 2015 to August 2025 . This dataset is perfect for  backtesting trading strategies, algorithmic trading, research, or learning  the Indian stock market trends. What’s included: Stock Database (.db) — stock_database_.db_File_2015_Aug_2025_5min.rar SQL database format Contains 5-minute interval data for all major Indian stocks Easily queryable for automated backtesting or analysis Stock Data in Excel (.xlsx) — Stock_Data_Excel_5min.rar Excel spreadsheets for easy access Ideal for manual analysis or visualization Includes OHLCV data (Open, High, Low, Close, Volume) Why this dataset is valuable: 10+ years of high-resolution historical data — perfect for analyzing long-term trends Ready-to-use formats — database for coders, Excel for analysts Affordable price — get all this ...

  This project provides a suite of two Python-based GUI tools designed to automate and streamline the process of discovering and testing potential DLL hijacking vulnerabilities in Windows applications. Overview This project provides a suite of two Python-based GUI tools designed to automate and streamline the process of discovering and testing potential DLL hijacking vulnerabilities in Windows applications. It leverages Sysinternals Process Monitor (Procmon) for data collection and provides a framework for testing identified hijack points with user-selected payloads. Many applications attempt to load Dynamic Link Libraries (DLLs) without specifying a full path. If these DLLs are not found in standard locations, an attacker might be able to place a malicious DLL with the same name in a location that the application searches earlier (e.g., the application’s own directory if it has weak permissions), leading to the malicious DLL being loaded and executed. Manually identifying all such...

  I’ve developed a script that automates the DLL hijacking process. During my testing, I noticed that we often focus on DLLs marked as “Not Found” when testing for DLL hijacking. However, an interesting observation is that among these “Not Found” DLLs, a few (typically one or two) might actually execute, even though we don’t manually test all of them. This script helps automate the testing of all potential DLLs. Note that the payload execution still requires manual verification, as the script is currently a work in progress. Features: Do not perform testing on DLLs within the Windows directory. If the command prompt runs with administrative privileges, the script will ask if you want to execute with elevated permissions. Allows exploitation with either administrative or normal user privileges. It offers multiple payload options to choose from. Execution Process: Run  Run1_Auto_DLL_Hijacking_Admin.bat  with administrative privileges. It first launches Procmon and then prom...

  I have developed an automation script for testing binary protection and signature issues. Previously, we had to open the terminal and enter commands, which involved copying paths, and it was a bit irritating for me. Now, with this script, all you need to do is execute the batch file and paste the installable directory path. Both test cases will be performed automatically by this script, and you will receive the results in the same folder under the name "output." It might be helpful for someone. Download:  https://github.com/crazywifi/Binary_Protection_Sig_Checker_Automation.git