AI Security Labs & CTFs

8+ hands-on practice environments for AI red teaming and prompt injection, featuring real LLM challenges with difficulty ratings from beginner to advanced

PromptTrace

Hands-on prompt injection labs with real LLMs, a Gauntlet CTF, and Context Trace showing the full prompt stack the model receives.

prompt-injectionrag-poisoningtool-exploitation+1

Gandalf

Wargame-style challenge where players must trick an LLM into revealing secret passwords across progressively harder levels.

wargameprompt-injectiongamified

Damn Vulnerable LLM Agent

Intentionally vulnerable AI agent designed for practicing LLM exploitation techniques.

vulnerable-agentexploitationpractice

Vulnerable MCP Servers Lab

Collection of 9 labs covering path traversal, RCE, prompt injection, and supply-chain attacks on MCP.

mcprcepath-traversal+1

Splunk MCP LLM SIEMulator

Full-stack lab for generating and detecting MCP-specific attack logs using Splunk SIEM integration.

splunksiemmcp+1

LLM CV Screener Lab

Lab demonstrating HR-agent vulnerabilities through prompt injection in resume screening systems.

hr-agentresume-screeningprompt-injection

DevOps Attack Surface Lab

Hands-on lab exploring pipeline security and privilege escalation vectors in CI/CD environments.

devopspipeline-securityprivilege-escalation

AWSGoat

Deliberately vulnerable AWS cloud infrastructure for practicing cloud security exploitation.

awscloud-securityvulnerable-infra

Know a resource we're missing?

Send us a message with the resource name and link. We review every suggestion.