aiapwn is a simple tool that automates the detection of prompt injection vulnerabilities in AI agents and LLMs. It includes a recon system that profiles the target AI, a testing engine that tries various prompt injections, and a smart evaluation of results. The tool can also generate custom payloads based on the AI's behavior.

Requirements:
- Python 3.8 or higher
- Poetry for dependency management
Installation:
- Clone the repository:
    git clone https://github.com/karimhabush/aiapwn.git
    cd aiapwn
- Activate the virtual environment:
    poetry shell
- Install dependencies with Poetry:
    poetry install
For evaluation and AI prompt generation features, you'll need an OpenAI API key:
- Create a .env file in the project root:
    echo "OPENAI_API_KEY=your-api-key-here" > .env
- Or set the environment variable directly:
    export OPENAI_API_KEY=your-api-key-here
Run the tool with the following command:
    python3 -m aiapwn --url <target-url> [options]

Test an AI agent with basic reconnaissance and payload testing:
    python3 -m aiapwn --url https://example.com/ai-chatbot

Enable the evaluator to auto-detect exploitable prompts:
    python3 -m aiapwn --url https://example.com/ai-chatbot --evaluate

Generate tailored prompt injection payloads:
    python3 -m aiapwn --url https://example.com/ai-chatbot --generate --num-prompts 10

Specify custom payload directories:
    python3 -m aiapwn --url https://example.com/ai-chatbot --payload-dir /path/to/payloads --recon-dir /path/to/recon
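Added example, not part of aiapwn: a POSIX shell pre-flight wrapper around the invocations above. It assumes a constructed allowlist file `targets.allow` (one authorized target URL per line), the `.env` file described above, and only the flags shown on this page. It refuses to start a scan against a URL that is not on the allowlist, and refuses `--evaluate` or `--generate` when OPENAI_API_KEY is not set, since those features need the key.

```shell
#!/bin/sh
# Hypothetical pre-flight wrapper for aiapwn (added example, not project code).
# Assumptions: targets.allow is a constructed allowlist, one URL per line;
# .env holds OPENAI_API_KEY=... as described in the README.

# Export OPENAI_API_KEY from .env when it is not already in the environment.
load_env() {
  if [ -z "${OPENAI_API_KEY:-}" ] && [ -f .env ]; then
    OPENAI_API_KEY=$(sed -n 's/^OPENAI_API_KEY=//p' .env | head -n 1)
    export OPENAI_API_KEY
  fi
}

# Return 0 only if the exact URL is listed in the allowlist file.
target_authorized() {
  url="$1"; allowlist="${2:-targets.allow}"
  [ -f "$allowlist" ] || return 1
  grep -Fxq -- "$url" "$allowlist"
}

# Return 0 if the scan may start: target must be authorized, and
# --evaluate / --generate require OPENAI_API_KEY to be set.
preflight() {
  url="$1"; shift
  target_authorized "$url" || { echo "refusing: $url not in targets.allow" >&2; return 1; }
  for opt in "$@"; do
    case "$opt" in
      --evaluate|--generate)
        [ -n "${OPENAI_API_KEY:-}" ] || { echo "refusing: $opt requires OPENAI_API_KEY" >&2; return 1; }
        ;;
    esac
  done
  return 0
}

# Run the scan only after pre-flight passes; extra arguments are passed through.
run_scan() {
  url="$1"; shift
  load_env
  preflight "$url" "$@" || return 1
  python3 -m aiapwn --url "$url" "$@"
}
```

Usage: `run_scan https://example.com/ai-chatbot --evaluate` after adding that URL to `targets.allow`; the wrapper exits non-zero with a reason on stderr instead of starting a scan it cannot complete or is not cleared to run.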
This tool is designed for security testing purposes only. Unauthorized use or testing against systems you do not own is illegal and may result in severe penalties. Always ensure you have explicit permission to test a target.
Contributions are welcome.
This project is licensed under the MIT License - see the LICENSE file for details.