Labs & Hands-On Practice
Progressive hands-on lab exercises spanning beginner to expert difficulty, including CTF challenges and full engagement simulations for AI red teaming skill development.
Reading about attack techniques is necessary but not sufficient. The gap between understanding a concept and executing it against a live system is where real skill is built. This lab section provides over 80 hands-on exercises spanning six difficulty tiers, from your first prompt injection to multi-agent warfare scenarios that simulate production-grade adversarial campaigns.
Every lab is designed to teach by doing. Rather than presenting solutions to memorize, labs present target systems, define objectives, and challenge you to find your own path. Hints are available when you are stuck, but the primary learning happens in the struggle of figuring out why your attack failed and iterating until it succeeds. This mirrors the reality of professional red teaming, where creative problem-solving under uncertainty is the core skill.
Lab Progression
The labs are organized into six tiers that build skills progressively. Each tier assumes competency from the previous one.
Beginner labs establish the fundamental skills: setting up your testing environment, making your first API calls, crafting basic prompt injections, extracting system prompts, and using entry-level tools like Garak. These labs assume no prior red teaming experience and guide you through each step. If you can complete all beginner labs, you have the baseline skills to begin learning intermediate techniques.
Intermediate labs introduce the core attack techniques that form the backbone of professional AI red teaming. Defense bypass, function calling abuse, agent exploitation, indirect injection, RAG poisoning, MCP abuse, embedding manipulation, and multi-turn attack strategies are all practiced against moderately defended systems. These labs require you to adapt techniques to the specific target rather than following a recipe.
Advanced labs combine multiple attack vectors and require sophisticated tool usage. PAIR and TAP automated attacks, adversarial suffix generation, fine-tuning backdoors, multi-model testing, guardrail bypass chains, and custom harness development push you to integrate knowledge across domains. These labs often have multiple solution paths, and the most elegant solutions require a creative combination of techniques.
Expert labs represent the highest individual difficulty tier. Watermark removal, quantization exploitation, multi-agent warfare, reward hacking, and GUI agent exploitation require deep technical understanding and the ability to develop novel approaches. These labs may take multiple sessions to complete and often require reading research papers to understand the underlying vulnerability.
CTF challenges are competitive-format exercises where you must capture flags hidden behind layered defenses. Each CTF combines multiple vulnerability types and requires chaining techniques. The Jailbreak Gauntlet, RAG Infiltrator, Agent Heist, Alignment Breaker, Defense Gauntlet, and Supply Chain Saboteur each present a distinct scenario that tests your ability to identify and exploit vulnerabilities under constraints.
Full engagement simulations replicate the experience of a real AI red team assessment from start to finish. You scope the engagement, conduct reconnaissance, execute attacks, and produce a professional report. Simulations cover chatbot assessment, agentic workflow testing, code assistant security, healthcare AI, RAG enterprise systems, and multimodal applications. Completing a simulation means you are ready to participate in real client engagements.
What You'll Find in This Section
- Beginner Labs -- Environment setup, first API calls, basic prompt injection, system prompt extraction, jailbreak basics, encoding and obfuscation, output manipulation, role-play attacks, defense evasion fundamentals, and tool introductions
- Intermediate Labs -- Defense bypass, function calling abuse, agent exploitation, indirect injection, MCP abuse, RAG poisoning, embedding manipulation, multi-turn attacks, token smuggling, data exfiltration, memory poisoning, and LLM judge testing
- Advanced Labs -- PAIR and TAP attacks, adversarial suffix generation, fine-tuning backdoors, guardrail bypass chains, custom harness development, multi-model testing, multimodal attack chains, and red team orchestration
- Expert Labs -- Watermark removal, quantization exploitation, multi-agent warfare, reward hacking, and GUI agent exploitation
- CTF Challenges -- Competitive capture-the-flag exercises covering jailbreaking, RAG infiltration, agent exploitation, alignment breaking, defense testing, and supply chain attacks
- Full Engagement Simulations -- End-to-end assessment simulations covering chatbot, agentic workflow, code assistant, healthcare AI, RAG enterprise, multimodal application, and other deployment scenarios
Prerequisites
Lab prerequisites vary by tier:
- Beginner -- Python basics, ability to use a command line, willingness to experiment
- Intermediate -- Completion of beginner labs, familiarity with the corresponding curriculum sections
- Advanced -- Solid intermediate skills, comfort with Python scripting and API automation
- Expert -- Strong ML background, experience with PyTorch and model manipulation
- CTF/Simulations -- Broad skills across multiple domains, professional red team mindset