Practice Labs & CTFs
9 hands-on environments to practice AI red teaming
Splunk MCP LLM SIEMulator
Full-stack lab for generating and detecting MCP-specific attack logs using Splunk SIEM integration.
Vulnerable MCP Servers Lab
Collection of 9 labs covering path traversal, RCE, prompt injection, and supply-chain attacks on MCP.
DevOps Attack Surface Lab
Hands-on lab exploring pipeline security and privilege escalation vectors in CI/CD environments.
Gandalf
Wargame-style challenge where players must trick an LLM into revealing secret passwords.
AWSGoat
Deliberately vulnerable AWS cloud infrastructure for practicing cloud security exploitation.
Damn Vulnerable LLM Agent
Intentionally vulnerable AI agent designed for practicing LLM exploitation techniques.
LLM CV Screener Lab
Lab demonstrating HR-agent vulnerabilities through prompt injection in resume screening systems.
OWASP Singapore API Workshop
Hands-on OWASP workshop focused on API security testing with practical lab exercises.
Practical DevSecOps Lab
Browser-based security training lab covering DevSecOps practices for AI development pipelines.
Know a resource we're missing?
This directory is community curated. Submit a pull request to add your favorite AI security resources.