Enterprise-Grade Automated Security Testing for Large Language Models
As organizations increasingly adopt Large Language Models (LLMs) for production applications, ensuring their security against adversarial attacks, jailbreaks, and prompt injections has become critical. Traditional security testing approaches are inadequate for evaluating LLM-specific vulnerabilities.
The LLM Red Teaming Platform is a comprehensive, production-ready security testing framework designed specifically for Large Language Models. It automates the discovery of vulnerabilities through adversarial red teaming techniques, enabling security researchers, AI engineers, and organizations to identify weaknesses before they can be exploited in production.
- Security Researchers conducting AI safety assessments
- AI/ML Engineers building production LLM applications
- Enterprise Organizations ensuring compliance and security
- Red Team Professionals specializing in AI system testing
- Comprehensive Coverage: Tests 7+ vulnerability categories with 12+ attack methods
- Multi-Provider Support: Works with any LLM via unified interface
- Production-Ready: Enterprise-grade with persistence, authentication, and reporting
- Extensible Framework: Modular architecture for custom attacks and integrations
- Automated Workflows: Reduces manual testing effort by 80%+
| Component | Technology | Purpose |
|---|---|---|
| Core Language | Python 3.10+ | Application runtime |
| Web Framework | FastAPI 0.115+ | REST API and async request handling |
| UI Framework | Streamlit 1.32+ | Interactive dashboard |
| Red Teaming | DeepTeam 3.8+ | Adversarial testing framework |
| LLM Integration | LangChain 1.2+ | Universal LLM provider interface |
| Component | Technology | Purpose |
|---|---|---|
| Templates | Jinja2 3.1+ | Server-side HTML rendering |
| Styling | Custom CSS | Modern, responsive UI design |
| Charts | Plotly 6.0+ | Interactive data visualization |
| Static Assets | FastAPI StaticFiles | CSS/JS/Image serving |
| Component | Technology | Purpose |
|---|---|---|
| Primary Database | SQLite | Embedded relational database |
| ORM | SQLAlchemy 2.0+ | Database abstraction and migrations |
| Models | SQLAlchemy ORM | Scans, TestCases, Configurations |
| Component | Technology | Purpose |
|---|---|---|
| Cloud Platform | Microsoft Azure | Application hosting and infrastructure |
| Compute | Azure App Service / AKS | Web application deployment |
| Secrets | Environment Variables | API key management |
| Provider | Integration | Models Supported |
|---|---|---|
| OpenAI | langchain-openai | GPT-4, GPT-3.5, GPT-4o |
| Azure OpenAI | langchain-openai | Azure-hosted OpenAI models |
| Anthropic | langchain-anthropic | Claude 3, Claude 2 |
| langchain-google-genai | Gemini Pro, Gemini Ultra | |
| Groq | langchain-groq | Llama 3, Mixtral |
| AWS Bedrock | langchain-aws | Bedrock models |
| HuggingFace | langchain-huggingface | Open-source models |
| Component | Technology | Purpose |
|---|---|---|
| Password Hashing | bcrypt 4.2+ | Secure credential storage |
| Session Management | Starlette SessionMiddleware | Stateful authentication |
| Secrets Management | python-dotenv | Environment configuration |
| Component | Technology | Purpose |
|---|---|---|
| Logging | Python logging module | Structured application logs |
| Log Output | File-based logging | Audit trail and debugging |
| Component | Technology | Purpose |
|---|---|---|
| PDF Generation | fpdf2 2.8+ | Security report generation |
| Data Processing | Pandas 2.2+ | Results analysis and aggregation |
| Validation | Pydantic 2.10+ | Type-safe configuration management |
| Environment Config | pydantic-settings 2.7+ | Settings validation |
β Automated Red Teaming
- One-click security scans against any LLM
- Configurable attack intensity (1-20 attacks per vulnerability)
- Support for batch scanning multiple models
β Multi-Provider LLM Support
- OpenAI (GPT-4, GPT-3.5, GPT-4o)
- Azure OpenAI (all deployments)
- Anthropic Claude (2.x, 3.x)
- Google Gemini (Pro, Ultra)
- Groq (Llama 3, Mixtral)
- AWS Bedrock
- HuggingFace models
β Comprehensive Vulnerability Testing
- Robustness: Input overreliance, misinformation
- Indirect Injection: Cross-prompt leaking
- Jailbreak: System prompt bypassing
- Shell Injection: Code execution attempts
- Prompt Leaking: System prompt extraction
- Goal Hijacking: Task redirection
- Inter-Agent Security: Multi-agent vulnerabilities
β Attack Library
- 100+ pre-built adversarial prompts
- Categorized by attack type and severity
- Custom attack builder interface
π¬ Attack Enhancement Methods
- Jailbreak Strategies: DAN, Evil Confidant, STAN, role-playing
- Encoding Attacks: ROT13, Base64, Caesar cipher
- Prompt Probing: Iterative refinement
- Gray Box Testing: Partial knowledge exploitation
- Multilingual Attacks: Non-English prompts
π― Custom Attack Builder
- Visual interface for creating custom prompts
- Template-based attack creation
- Real-time testing against target models
- Save and reuse custom attacks
π Advanced Analytics
- Interactive dashboards with Plotly charts
- Vulnerability distribution analysis
- Time-series trend tracking
- Attack success rate metrics
- Model comparison views
π Professional Reporting
- Auto-generated PDF security reports
- Executive summary with risk scores
- Detailed test case breakdowns
- Remediation recommendations
- Compliance-ready documentation
Red_Teaming/
β
βββ app.py # Streamlit UI entry point
βββ web_app.py # FastAPI web application
βββ migrate_db.py # Database migration script
βββ requirements.txt # Python dependencies
βββ sample.json # Sample configuration
βββ .env.example # Environment template
β
βββ auth/ # Authentication module
β βββ __init__.py
β βββ authentication.py # Login logic, password hashing
β
βββ config/ # Configuration management
β βββ __init__.py
β βββ settings.py # Environment-based settings
β βββ providers.py # LLM provider configurations
β
βββ core/ # Core business logic
β βββ __init__.py
β βββ red_team_engine.py # Main orchestration engine
β βββ llm_factory.py # LLM instance factory
β βββ attack_registry.py # Vulnerability & attack registry
β βββ attack_library.py # Pre-built attack prompts
β βββ jailbreak_strategies.py # Jailbreak method implementations
β βββ custom_red_team_engine.py # Custom attack execution
β
βββ database/ # Data persistence layer
β βββ __init__.py
β βββ db_manager.py # Database operations & queries
β βββ models.py # SQLAlchemy ORM models
β
βββ reports/ # Report generation
β βββ __init__.py
β βββ pdf_generator.py # PDF report creation
β
βββ ui/ # Streamlit UI components
β βββ __init__.py
β βββ components/ # Reusable UI widgets
β β βββ __init__.py
β β βββ charts.py # Plotly visualization components
β β βββ model_selector.py # LLM selection widget
β β βββ sidebar.py # Navigation sidebar
β βββ pages/ # Application pages
β βββ __init__.py
β βββ dashboard.py # Main dashboard view
β βββ configure.py # Provider configuration
β βββ attack_lab.py # Attack testing interface
β βββ results.py # Scan results display
β βββ reports_page.py # Report management
β
βββ templates/ # Jinja2 HTML templates (FastAPI)
β βββ base.html # Base template with layout
β βββ index.html # Landing page
β βββ dashboard.html # Dashboard view
β βββ config.html # Configuration page
β βββ attack.html # Attack execution page
β βββ custom_attack.html # Custom attack builder
β βββ results.html # Results display
β βββ reports.html # Reports page
β
βββ static/ # Static assets (CSS, JS, images)
β βββ css/
β βββ js/
β βββ images/
β
βββ utils/ # Utility functions
β βββ __init__.py
β βββ logger.py # Logging configuration
β βββ helpers.py # Helper functions
β
βββ docs/ # Documentation
β βββ README.md # Documentation index
β βββ ARCHITECTURE.md # Architecture details
β βββ CONTRIBUTING.md # Contribution guidelines
β βββ DEMO.md # Demo walkthrough
β βββ REQUIREMENTS.md # Detailed requirements
β βββ SECURITY.md # Security policies
β βββ CHANGELOG.md # Version history
β
βββ logs/ # Application logs (gitignored)
βββ reports/ # Generated PDF reports (gitignored)
βββ __pycache__/ # Python bytecode (gitignored)
| Directory | Purpose |
|---|---|
auth/ |
Handles user authentication, password hashing, and session management |
config/ |
Centralized configuration management and provider definitions |
core/ |
Core red teaming logic including engine, factory, and attack registry |
database/ |
SQLAlchemy models and database operation wrappers |
reports/ |
PDF generation for security assessment reports |
ui/ |
Streamlit-based user interface components and pages |
templates/ |
Jinja2 templates for FastAPI web interface |
static/ |
CSS, JavaScript, and image assets for web UI |
utils/ |
Shared utility functions and helpers |
docs/ |
Comprehensive project documentation |
Ensure you have the following installed:
- Python 3.10 or higher (Python 3.11 recommended)
- pip (Python package manager)
- Git (for cloning repository)
- API keys for at least one LLM provider (see provider list below)
Create a .env file in the project root:
cp .env.example .env- Clone the repository:
git clone <repository-url>
cd Red_Teaming- Create virtual environment:
python -m venv venv- Activate virtual environment:
Windows:
.\venv\Scripts\activatemacOS/Linux:
source venv/bin/activate- Install dependencies:
pip install --upgrade pip
pip install -r requirements.txt- Initialize database:
python migrate_db.pystreamlit run app.pyThe application will open at http://localhost:8501
python web_app.pyOr with Uvicorn directly:
uvicorn web_app:app --reload --host 0.0.0.0 --port 8000The application will be available at http://localhost:8000
Currently, the project uses manual testing workflows. To validate your setup:
-
Test provider connectivity:
- Navigate to the Configuration page
- Click "Test Connection" for each configured provider
-
Run a sample scan:
- Go to Attack Lab
- Select models and vulnerability types
- Execute a small scan (5 attacks)
-
Verify results:
- Check the Results page for scan output
- Generate a PDF report
Comprehensive documentation is available in the docs/ folder:
- π Architecture - System design and technical details
- π€ Contributing - How to contribute to the project
- π Security - Security best practices and considerations
- π¬ Demo Guide - Creating demos and videos
- π Changelog - Version history and release notes
- π¦ Requirements - System and dependency requirements
| Provider | Models | Notes |
|---|---|---|
| OpenAI | GPT-4, GPT-4o, GPT-3.5-turbo | Best JSON support |
| Groq | Llama 3.x, Mixtral, Gemma | Fast, free tier available |
| Anthropic | Claude 3 Opus, Sonnet, Haiku | High-quality responses |
| Azure OpenAI | Same as OpenAI | Enterprise deployment |
| Gemini Pro, Gemini Pro Vision | Multimodal support | |
| Ollama | Any local model | Privacy-focused |
- DeepEval - Red teaming framework
- LangChain - LLM orchestration
- Streamlit - Rapid UI development
- FastAPI - Modern API framework
- OWASP LLM Top 10 - Vulnerability classification
- NIST AI RMF - Risk management framework
- Security researchers and the open-source community
If you find this project useful, please consider giving it a star! β
Built with β€οΈ for AI Security