# advanced
163 articles tagged “advanced”
Agent memory poisoning
Techniques for injecting malicious content into agent memory systems -- conversation history, RAG stores and vector databases -- to achieve persistent compromise across sessions.
Manipulating reasoning chains
Techniques for influencing an AI agent's chain-of-thought reasoning so that its planning, decision-making and tool selection are steered toward attacker-desired outcomes.
Attacks on multi-agent systems
Exploitation techniques for multi-agent architectures, including inter-agent injection, trust boundary violations, cascading compromise and attacks on the A2A protocol.
Advanced practice exam
25-question practice exam covering advanced AI red team techniques: multimodal attacks, training pipeline exploitation, agentic system attacks, embedding manipulation, and fine-tuning security.
Practice exam 2: advanced AI security
25-question advanced practice exam covering multimodal attacks, training pipeline security, cloud AI security, forensics, and governance.
Advanced AI security practice exam 1
Advanced practice exam covering agentic exploitation, training attacks, and frontier research.
Advanced AI security practice exam 2
Second advanced practice exam focusing on multimodal, cloud, and pipeline security.
Agentic AI security practice exam 2
Advanced practice exam covering agent memory poisoning, workflow exploitation, and A2A protocol attacks.
Comprehensive advanced practice exam
Full-spectrum advanced practice exam covering all major AI red teaming domains.
Advanced defense practice exam
Practice exam on guardrail architecture, constitutional AI defenses, and behavioral monitoring implementation.
Advanced governance practice exam (assessment)
Advanced governance practice exam covering international regulation, audit methodologies, and organizational frameworks.
Advanced prompt injection practice exam
Practice exam on indirect injection, multi-step chains, encoding bypass, and semantic manipulation.
Advanced cloud AI security assessment
15-question advanced assessment covering cloud AI attack surfaces across AWS, Azure, and GCP: guardrail bypass, knowledge base exploitation, managed identity abuse, model customization risks, and multi-cloud attack paths.
Advanced tool proficiency assessment
Advanced assessment on Garak, PyRIT, HarmBench, and custom tool development proficiency.
Advanced tradecraft assessment
Assessment covering OPSEC, evasion, persistence, attribution avoidance, and professional red team operations.
Advanced agentic exploitation assessment
Advanced assessment covering MCP exploitation chains, multi-agent attacks, and A2A protocol injection.
Advanced cloud AI security assessment (assessment)
Advanced assessment on multi-cloud AI security, IAM misconfigurations, and endpoint hardening.
Advanced code generation security assessment
Advanced assessment on autonomous coding agents, sandbox escapes, and supply chain attacks.
Advanced embedding security assessment
Advanced assessment on embedding inversion, vector DB attacks, and multimodal embedding exploitation.
Advanced AI forensics assessment
Advanced assessment on model behavior forensics, training data breach analysis, and attack attribution.
Advanced multimodal attacks assessment
Advanced assessment covering cross-modal attacks, steganographic injection, and multimodal defense bypass.
Advanced training pipeline assessment
Advanced assessment on RLHF exploitation, DPO vulnerabilities, and federated learning attacks.
Advanced certification preparation guide
Study guide for advanced certification covering complex topics and hands-on preparation strategies.
Advanced topics study guide
Study guide covering AI security research techniques, automation, forensics, emerging attack vectors, and tool development for advanced practitioners.
Capstone: cloud AI security assessment
Assess AI deployment security across AWS, Azure, and GCP cloud platforms, producing a comprehensive cloud AI security assessment report.
Capstone: defense system implementation
Build a complete AI defense stack with input filtering, output monitoring, guardrails, rate limiting, and logging, then evaluate it against automated attacks.
Capstone: AI incident response exercise
Respond to a simulated AI security incident through triage, investigation, containment, remediation, and post-mortem reporting.
Capstone: open source contribution
Contribute to an open-source AI security project such as garak, PyRIT, or MITRE ATLAS, producing a merged PR or submitted issue with proof of concept.
Capstone: training pipeline attack and defense
Attack a model training pipeline through data poisoning and backdoor insertion, then build defenses to detect and prevent these attacks.
Capstone: build an AI security scanner
Design and implement an automated AI security testing tool that supports prompt injection detection, jailbreak testing, and output analysis.
Fall 2026 CTF: advanced attack research
An expert-level CTF requiring novel technique development, research-grade problem solving, and original vulnerability discovery in AI systems.
Seasonal CTF: summer 2026 advanced threats
Summer 2026 CTF focused on advanced threat scenarios including supply chain attacks, multi-model exploitation, and infrastructure compromise.
Advanced training data extraction
Advanced techniques for extracting memorized training data from language models.
Gradient-based attacks explained
How gradients are used to craft adversarial inputs for LLMs: FGSM, PGD and GCG attacks explained with accessible mathematics and practical examples.
Scaling laws, emergence and capability jumps
How scaling laws predict model performance, why emergent capabilities create unpredictable security properties, and what dormant capabilities and emergent misalignment mean for red teaming.
Advanced AI red team labs
Advanced hands-on labs covering automated attack algorithms, production red team tooling, multi-model testing, and sophisticated exploitation techniques for experienced AI security practitioners.
Lab: advanced RAG manipulation
Perform sophisticated RAG manipulation including embedding space attacks, metadata poisoning, and retrieval algorithm gaming.
Adversarial robustness evaluation
Build a comprehensive adversarial robustness evaluation framework for assessing model security posture.
Lab: probing alignment boundaries
Systematically probe alignment boundaries to map the exact thresholds where safety training engages and disengages.
Lab: constructing an attack chain
Hands-on lab for chaining three or more distinct vulnerabilities into a complete exploit sequence that achieves objectives impossible with any single technique alone.
Lab: adversarial audio examples
Hands-on lab for crafting adversarial audio perturbations that cause speech-to-text models and voice assistants to misinterpret spoken commands, demonstrating attacks on audio AI systems.
Lab: implementing AutoDAN
Implement the AutoDAN methodology for generating stealthy human-readable jailbreak prompts using LLM feedback.
Automated defense evaluation framework
Build an automated framework to evaluate defensive measures across attack categories.
Lab: building an automated red team pipeline
Build a complete automated red teaming pipeline with attack generation, execution, scoring, and reporting.
Lab: backdoor persistence through safety training
Test whether fine-tuned backdoors persist through subsequent safety training rounds and RLHF alignment.
Lab: cloud AI security assessment
Conduct an end-to-end security assessment of a cloud-deployed AI service, covering API security, model vulnerabilities, data handling, and infrastructure configuration.
Lab: cloud AI assessment
Hands-on lab for conducting an end-to-end security assessment of a cloud-deployed AI system including infrastructure review, API testing, model security evaluation, and data flow analysis.
Lab: Constitutional AI bypass techniques
Test and bypass Constitutional AI safety mechanisms by exploiting the critique-revision training methodology.
Lab: cross-lingual transfer attacks
Develop attacks in one language that transfer to others by exploiting shared multilingual representation spaces.
Cross-model transfer attacks
Develop attacks on open-source models that transfer to closed-source commercial APIs.
Cross-plugin exploitation chain
Chain exploits across multiple LLM plugins to achieve capabilities not available through any single plugin.
Lab: training curriculum poisoning
Exploit training data ordering and curriculum learning to amplify the impact of small numbers of poisoned examples.
Training a custom safety classifier
Train a custom input safety classifier and then develop payloads that reliably evade it to understand classifier limitations.
Lab: custom test harness for specific applications
Build a tailored testing framework for a specific AI application, with custom attack generators, domain-specific evaluators, and application-aware reporting.
War game: defense versus red team
Alternate between attacking and defending an LLM application to develop skills in both offensive and defensive operations.
Differential testing across models
Use differential testing to find behavior inconsistencies across model providers.
Lab: distributed training attack simulation
Simulate attacks on distributed training infrastructure including gradient poisoning and aggregation manipulation.
Adversarial embedding perturbation
Craft adversarial inputs that produce target embeddings for retrieval manipulation.
Lab: gaming evaluation frameworks
Demonstrate how to game safety evaluation frameworks to produce artificially high safety scores while retaining vulnerabilities.
Lab: federated learning poisoning attacks
Execute model poisoning attacks in a federated learning simulation by manipulating local model updates.
Backdoor insertion via fine-tuning
Insert a triggered backdoor during fine-tuning that activates on specific input patterns.
Lab: gradient-based attack implementation
Implement gradient-based adversarial attacks on open-weight models, including PGD and FGSM adapted for text inputs.
Gradient-guided data poisoning
Use gradient information from open-source models to craft optimally poisoned training examples.
Guardrail bypass ensemble
Build an ensemble attack system that combines multiple bypass techniques for robustness.
Lab: inference-time compute exploitation
Exploit inference-time compute scaling to manipulate reasoning depth and resource consumption in thinking models.
Lab: jailbreak transferability analysis
Analyze jailbreak transferability across model families to discover universal vulnerability patterns.
Lab: full MCP exploitation
Hands-on lab for conducting a complete Model Context Protocol server compromise including tool enumeration, permission escalation, cross-tool attacks, and data exfiltration through MCP channels.
Multi-hop MCP server exploitation
Chain exploits across multiple MCP servers to achieve lateral movement in agent systems.
Lab: long-term memory extraction
Extract information from long-term agent memory stores through crafted queries and memory retrieval manipulation.
Lab: model distillation security
Extract model capabilities through distillation techniques using only black-box API access.
Lab: model merging security analysis
Analyze security implications of model merging techniques and test for backdoor propagation through merged model weights.
Lab: model steering with activation vectors
Use activation steering vectors to control model behavior without prompt modification for security testing.
Lab: constructing a multimodal attack chain
Construct attack chains that span text, image, and audio modalities to exploit cross-modal processing gaps.
Multi-objective attack optimization
Optimize attack payloads for multiple simultaneous objectives: jailbreaking, data extraction, and defense evasion.
Lab: advanced multi-turn attacks
Hands-on lab for executing 20+ turn conversation steering strategies that gradually erode AI safety boundaries to extract protected information through patient, escalating dialogue.
Multi-turn Crescendo attack
Implement Microsoft's Crescendo attack pattern for gradual multi-turn jailbreaking.
Multimodal attack chain lab
Chain attacks across text, image, and structured data modalities to exploit multimodal system vulnerabilities.
Lab: neural network trojan detection
Implement and test neural network trojan detection methods including activation clustering and spectral analysis.
Output constraint exploitation
Exploit structured output requirements to force models into revealing restricted information.
Production environment simulation lab
Test attacks against a simulated production environment with realistic logging, monitoring, and alerting.
Lab: building a prompt injection compiler
Build a compiler that transforms high-level attack specifications into optimized prompt injection payloads.
Prompt leakage via log probabilities
Extract system prompt information using token log probability analysis.
Lab: purple team exercise
Simultaneously attack and defend an AI application in a structured exercise where red team findings immediately inform blue team defensive improvements.
Lab: purple team exercise (advanced lab)
Hands-on lab for conducting simultaneous attack and defense operations against an AI system with real-time metrics tracking, adaptive defense deployment, and coordinated red-blue team workflows.
Lab: quantization security testing
Test behavioral differences between full-precision and quantized models to discover quantization-induced vulnerabilities.
Advanced RAG poisoning techniques
Execute sophisticated RAG poisoning including gradient-guided document crafting.
Lab: full RAG chain attack
Hands-on lab for executing a complete RAG attack chain from document injection through retrieval manipulation to data exfiltration, targeting every stage of the Retrieval-Augmented Generation pipeline.
Lab: reasoning trace manipulation
Manipulate chain-of-thought reasoning traces to inject false premises and redirect model conclusions.
Lab: advanced red team orchestration
Build an advanced red team orchestration system that coordinates multiple attack agents against a defended target.
Lab: representation engineering for security
Use representation engineering to analyze and manipulate internal model representations for security research.
Representation probing for vulnerabilities
Probe internal model representations to identify exploitable features and develop representation-level attacks.
Lab: advanced reward hacking techniques
Develop reward hacking exploits that manipulate RLHF reward models through adversarial optimization.
Reward model analysis lab
Analyze and exploit reward model biases to craft responses that score high on safety while embedding harmful content.
Reward model gaming (advanced lab)
Craft inputs that score highly on reward models while containing adversarial content.
Lab: RLHF training exploitation
Exploit reward model weaknesses to craft inputs that score highly on safety metrics while achieving adversarial objectives.
Lab: safety classifier model extraction
Extract the decision boundary of safety classifiers through systematic probing to craft maximally evasive payloads.
Safety classifier inversion
Reverse-engineer safety classifier decision boundaries through systematic probing.
Lab: sparse attention exploitation
Exploit sparse attention patterns in long-context models to hide injection payloads in low-attention regions.
Lab: model supply chain poisoning
Simulate model supply chain attacks by injecting backdoors into model weights distributed through public registries.
Lab: token-level adversarial optimization
Implement token-level adversarial optimization to discover minimal perturbations that bypass safety training.
Lab: lateral movement via the tool chain
Chain tool call exploits to achieve lateral movement across services connected to LLM agent systems.
Lab: transfer attack development
Hands-on lab for crafting adversarial prompts on open-weight models like Llama that transfer to closed-source models like Claude and GPT-4, using iterative refinement and cross-model evaluation.
Lab: transfer attack development (advanced lab)
Develop adversarial attacks on open-source models that transfer to closed-source models, leveraging weight access for black-box exploitation.
A2A protocol task injection
Inject malicious tasks into Agent-to-Agent protocol communication channels to redirect multi-agent workflows.
Agent workflow state tampering
Manipulate agent workflow state machines to skip validation steps and reach privileged execution paths.
Attention pattern manipulation
Craft inputs that manipulate transformer attention patterns to prioritize adversarial content over safety instructions.
Audio injection via speech-to-text models
Craft adversarial audio that embeds prompt injection payloads when transcribed by speech-to-text models.
Implementing and testing AutoDAN
Implement the AutoDAN methodology for generating human-readable stealthy jailbreak prompts using gradient guidance.
Constitutional classifier bypass
Develop techniques to bypass Anthropic-style constitutional classifiers through adversarial input crafting.
Cross-model GCG transfer attacks
Generate adversarial suffixes on open-source models and test their transferability to commercial APIs.
Building a red team results dashboard
Build a real-time dashboard for tracking and visualizing red team campaign results across targets and techniques.
Differential model behavior analysis
Use differential testing across model versions and providers to discover inconsistent safety behaviors.
Embedding inversion attack implementation
Implement embedding inversion to recover original text from vector database embeddings.
Fine-tuning alignment removal attack
Use fine-tuning API access to systematically remove safety alignment with minimal training examples.
Visual injection attack on GUI agents
Inject adversarial content into screenshots and UI elements processed by computer-use AI agents.
Submitting a custom attack to HarmBench
Develop and evaluate custom attack methods against the HarmBench standardized evaluation framework.
Lab: LangChain CVE exploitation
Reproduce and analyze LangChain CVEs including CVE-2023-29374 and CVE-2023-36258 in a safe lab environment.
LoRA backdoor insertion attack
Insert triggered backdoors through LoRA fine-tuning that activate on specific input patterns while passing safety evals.
Multi-MCP-server pivot chain
Chain exploits across multiple MCP servers to achieve lateral movement and capability escalation in agent systems.
Agent memory injection for persistent access
Inject persistent instructions into agent memory systems that survive across conversation sessions.
Multi-agent trust boundary exploitation
Exploit trust boundaries between cooperating agents to escalate privileges and access restricted capabilities.
Multimodal attack chain orchestration
Orchestrate attacks across text, image, and document modalities to bypass per-modality safety filters.
Red team test suite development with Promptfoo
Build comprehensive red team test suites in Promptfoo with custom graders and multi-model targeting.
Quantization safety regression testing
Test how model quantization (INT8, INT4, GPTQ) degrades safety alignment and introduces exploitable gaps.
RAG access control bypass
Bypass document-level access controls in enterprise RAG systems through query manipulation and context injection.
Reasoning trace exploitation in CoT models
Exploit visible chain-of-thought reasoning traces in models like o1 and DeepSeek-R1 to manipulate outputs.
Representation probing for vulnerability discovery
Probe model internal representations to discover exploitable features and latent vulnerability patterns.
Adversarial reward model exploitation
Craft inputs that exploit reward model weaknesses to achieve high safety scores while containing harmful content.
Reverse engineering safety classifiers
Reverse-engineer a safety classifier's decision boundaries through systematic adversarial probing.
Code agent sandbox escape techniques
Develop and test sandbox escape techniques against code execution environments in AI coding assistants.
Hiding steganographic payloads in images
Hide prompt injection payloads in images using steganographic techniques undetectable to human observers.
Training data extraction from production LLMs
Implement Carlini et al.'s techniques to extract memorized training data from production language model APIs.
LLM watermark detection and removal
Detect and remove statistical watermarks from LLM-generated text while preserving content quality.
Lab: LLM watermark detection and removal
Detect and analyze LLM text watermarks using statistical methods and test watermark removal through paraphrasing.
CTF: Cloud AI Heist
Extract secrets from a cloud-deployed AI application by exploiting misconfigurations, SSRF, metadata endpoints, and model-level vulnerabilities in a realistic cloud environment.
CTF: Defense Breaker
Bypass progressively sophisticated defense mechanisms protecting an AI system. Each level introduces a new defense layer while retaining all previous defenses, testing your ability to adapt and chain bypass techniques.
CTF: Fine-Tune Detective
Detect backdoors in fine-tuned language models through behavioral analysis, weight inspection, and activation pattern examination. Practice the forensic techniques needed to identify compromised models before deployment.
CTF: AI forensics investigation
Analyze logs, model outputs, and system artifacts to reconstruct an AI security incident. Develop forensic analysis skills for AI-specific attack patterns, data exfiltration traces, and adversarial prompt detection.
CTF: supply chain attack
Find and exploit vulnerabilities in an ML supply chain including compromised dependencies, poisoned models, backdoored training data, and malicious model files. Practice ML-specific supply chain security assessment.
Advanced encoding chain attacks
Chain multiple encoding schemes to bypass multi-layer input filters in production LLM applications.
Lab: advanced function calling exploitation
Exploit advanced function calling patterns including nested calls, parallel execution, and schema manipulation.
Lab: advanced RAG poisoning
Hands-on lab for crafting documents that reliably get retrieved and influence RAG responses for specific target queries.
Advanced token smuggling
Use Unicode homoglyphs, zero-width characters, and tokenizer quirks to smuggle payloads.
Simulation: AI bug bounty
Find and report vulnerabilities in a simulated AI bug bounty program, practicing professional vulnerability disclosure and bounty-eligible reporting.
Simulation: Red vs Blue
Competitive exercise where teams alternate between attacking and defending an AI application, scoring points for successful attacks and effective defenses.
Cross-context injection (prompt injection)
Prompt injection techniques that persist across context boundaries: they survive conversation resets, session switches, memory boundaries and handoffs between multiple agents.
Defense evasion
Advanced techniques for bypassing safety filters, content classifiers, guardrails and detection systems deployed to protect LLM applications.
Continuous red teaming programs
Designing and running ongoing AI red team programs with automated test pipelines, metric dashboards, KPI frameworks, alert-driven assessments and integration with CI/CD and model deployment workflows.
Purple teaming for AI
Collaborative attack-and-defense exercises for AI systems: structuring purple team engagements, real-time knowledge transfer, joint attack simulation and measuring defensive improvement through iterative testing.
Advanced training attack vectors
Advanced training attacks: federated learning poisoning, model merging exploits, distributed training vulnerabilities, emergent capability risks and attacks on synthetic data pipelines.
Chaining compound attacks
Combining multiple prompt injection techniques into compound attacks that defeat layered defenses, building attack chains that leverage the strengths of each individual technique.
Walkthrough: advanced context manipulation
Manipulate conversation context through history injection, context overflow, and attention weight exploitation.
Bypassing the instruction hierarchy
Advanced techniques to bypass instruction priority and hierarchy enforcement in language models, exploiting conflicts between system, user, and assistant-level directives.
Progressive multi-turn injection
Gradually escalating prompt injection across conversation turns to build compliance, using psychological techniques like foot-in-the-door and norm erosion.
Walkthrough: advanced prompt leaking
Advanced techniques for extracting system prompts including iterative reconstruction and side-channel methods.
Recursive injection chains
Creating self-reinforcing injection chains that amplify across conversation turns, building compound prompts where each step strengthens the next injection's effectiveness.
Instruction hierarchy enforcement (defense walkthrough)
Step-by-step walkthrough for enforcing instruction priority in LLM applications, ensuring system-level instructions always take precedence over user inputs through privilege separation, instruction tagging, and validation layers.
Advanced NeMo Guardrails configuration
Advanced NeMo Guardrails configuration including custom actions, knowledge base integration, and multi-model pipelines.
Advanced garak configuration guide
Deep dive into Garak's configuration system including custom probes, detectors, and generators.
Writing custom Garak probes for new attack vectors
Advanced walkthrough on building custom Garak probes that target new and emerging attack vectors, covering probe architecture, payload generation, detector pairing and integration into automated scanning pipelines.
Building custom garak detectors
Advanced walkthrough on creating custom garak detectors for specific success criteria, including regex-based detectors, ML-based classifiers, multi-signal scoring, and integration with external evaluation services.
Writing Garak generator plugins for custom API targets
Advanced walkthrough on writing garak generator plugins to connect to custom API endpoints, proprietary model servers, and non-standard inference interfaces for vulnerability scanning.
Setting up garak probes for MCP tool interactions
Advanced walkthrough on configuring garak probes that target Model Context Protocol (MCP) tool interactions, testing for tool misuse, privilege escalation through tools, and data exfiltration via tool calls.