LLM-Intruder: Automated Testing for LLM Vulnerabilities

 

An adaptive LLM security assessment framework for authorised red teams.

Burp-Suite-style intruder for Large Language Model applications — with adaptive intelligence, 633+ curated payloads, session replay, and evidence-grade reporting.



What is LLM-Intruder?

LLM-Intruder is an open-source framework for systematically assessing the security of Large Language Model (LLM) applications — chatbots, copilots, RAG systems, AI agents, MCP tool servers, and any application that exposes an LLM to users.

It combines the breadth of a curated attack library (49 catalogues, 633+ payloads, 22 mutation strategies, 20 encoding techniques) with the depth of an adaptive hunting loop that learns from each response. You point it at a target — a web chat UI, an OpenAI-compatible API, a Burp Suite request — and it probes, mutates, and reports.

Purpose

Find bypass conditions in LLM applications before attackers do:

  • Prompt injection and jailbreak vulnerabilities
  • System-prompt / instruction leakage
  • Cross-tenant RAG retrieval boundary failures
  • MCP tool-poisoning and agent misuse
  • Markdown / image-based data exfiltration (EchoLeak class)
  • PII and sensitive-data leakage
  • Output-handling vulnerabilities (XSS, SSRF, SQLi, RCE via LLM)
  • Defense-specific bypasses (Azure Prompt Shield, Llama Guard, Constitutional AI, OpenAI Moderation)

Features at a glance

  • 🎯 5 run modes — Campaign (broad sweep), Hunt (adaptive), Pool-Run (concurrent), Probe (single-shot), RAG-Test (cross-tenant).
  • 🌐 Web + API targets — Drive a real Chromium browser via Playwright, or fire raw HTTP requests with a Burp-imported template.
  • 🧠 Adaptive intelligence — 4 togglable modules: TombRaider, Burn Detection, AutoAdv Temperature, Defense Fingerprint.
  • 📚 633+ curated payloads across 49 catalogues, updatable from internet sources with one click.
  • 🔄 22 mutation strategies + 20 encoding techniques with tri-state selection (All / Subset / None).
  • 🔐 Session replay — record a login once, reuse it for every payload automatically.
  • 🖱️ Interactive picker — Burp-style element selection for complex sites where auto-detect fails.
  • 📦 Burp Suite import — paste a saved HTTP request, get an adapter YAML.
  • 🤖 9 LLM providers supported for attacker + judge (Ollama, LM Studio, OpenAI, Anthropic, Gemini, Grok, OpenRouter, Heuristic, Auto).
  • 📊 Evidence-grade reports — Markdown / HTML / JSON / SARIF (GitHub Advanced Security).
  • 🖥️ Web dashboard with live WebSocket progress + CLI for CI / headless use.
  • 💾 Local-first — everything stored in a per-project SQLite DB. No telemetry.


