# ctf
65 articles tagged "ctf"
Capstone Project: Design and Run an Adversarial ML Competition
Design, build, and operate a capture-the-flag (CTF) style adversarial ML competition with automated scoring, diverse challenge categories, and a live leaderboard.
Fall 2026 CTF: Advanced Attack Research
An expert-level CTF requiring novel technique development, research-grade problem solving, and original vulnerability discovery in AI systems.
Quarterly Competition Overview
Overview of the quarterly capture-the-flag competitions, covering AI security topics from prompt injection to advanced attack research.
Spring 2026 CTF: Multi-Category AI Security
A multi-category AI security capture-the-flag with 20 flags across 5 categories: prompt injection, agent exploitation, RAG attacks, model security, and forensics.
Summer 2026 CTF: Agentic AI Security
A CTF focused on agentic AI security, with escalating agent challenges covering tool exploitation, multi-agent attacks, indirect injection, and agent persistence.
Weekly CTF: Jailbreak Series
Weekly jailbreak challenges, each week against a new model and a new defense.
Weekly CTF: Prompt Extraction Series
A weekly CTF challenge series focused on extracting system prompts from progressively better-defended systems.
CTF: Agent Escalation
A five-flag CTF challenge focused on exploiting agentic AI systems. Progresses from basic tool abuse to privilege escalation, indirect injection, memory poisoning, and multi-agent chain attacks.
Agent Heist: Level 2 — MCP Server Takeover
Take control of an MCP-enabled agent by poisoning tool descriptions and chaining exploits.
CTF: Agent Heist
A multi-stage agent exploitation challenge in which you infiltrate an AI agent's tool ecosystem, escalate privileges, and exfiltrate target data without triggering security alerts.
Alignment Breaker: Level 2 — Safety Fine-Tuned Model
Bypass safety fine-tuning on a model with RLHF, constitutional AI, and classifier-based defenses.
CTF: Alignment Breaker
Break the alignment of a heavily defended model with multiple defense layers. Requires combining advanced techniques including adversarial suffixes, multi-turn manipulation, and novel jailbreak approaches.
CTF: Boss Rush
Chain attacks sequentially across multiple AI models. Each model guards the next, and each stage requires a different attack technique. Defeat all five models to capture the final flag: the ultimate red-team challenge.
CTF: Cloud AI Heist
Extract secrets from a cloud-deployed AI application by exploiting misconfigurations, SSRF, metadata endpoints, and model-layer vulnerabilities.
Cloud Infiltrator Challenge
Navigate cloud AI service misconfigurations to access a protected model endpoint and extract its secrets.
CTF: Code Generation Attacks
Manipulate AI code generation into producing vulnerable, backdoored, or malicious code. From subtle vulnerability injection to full backdoor implantation, explore how prompt manipulation affects code security.
Context Heist: System Prompt Extraction Championship
Extract system prompts from 10 progressively harder LLM applications using diverse techniques.
Data Heist Challenge
Extract a secret database of customer records from a RAG-enabled chatbot with strict data access controls.
CTF: Defense Breaker
Bypass progressively stronger defense mechanisms protecting an AI system. Each level adds a new defense layer while retaining all previous ones, testing your ability to adapt and chain bypass techniques.
Defense Destroyer Challenge
Bypass a state-of-the-art multi-layer defense system to extract a protected secret from the model.
Defense Gauntlet: Level 2 — Layered Security
Bypass a layered defense system with input classification, guardrails, and output filtering.
CTF: Defense Challenge (Blue Team)
A blue-team CTF challenge: build and defend an AI chatbot against a series of increasingly sophisticated automated attacks.
Encoding Maestro Challenge
Solve 10 encoding puzzles that require creative use of Base64, Unicode, ROT13, and custom encodings to bypass filters.
CTF: Fine-Tune Detective
Detect backdoors in fine-tuned language models through behavioral analysis, weight inspection, and activation pattern examination. Practice the forensic techniques needed to identify tampered models before deployment.
Forensics Detective Challenge
Analyze logs and artifacts from an AI security incident to reconstruct the attack chain and identify the attacker's technique.
CTF: AI Forensics Investigation
Analyze logs, model outputs, and system artifacts to reconstruct an AI security incident. Develop forensic analysis skills for AI-specific attack patterns, data exfiltration traces, and adversarial prompt detection.
Guardrail Olympics: Multi-Framework Bypass
Bypass guardrail implementations from NeMo, LLM Guard, Rebuff, and custom classifiers.
Jailbreak Gauntlet: Level 2 — Adaptive Defenses
Break through adaptive defense systems that learn from your previous attack attempts.
CTF: Jailbreak Gauntlet
A series of progressively harder jailbreak challenges where each level adds stronger defenses. Score points through technique diversity and creativity as you break through escalating safety layers.
Model Whisperer Challenge
Extract the exact system prompt from 8 progressively harder LLM applications using creative extraction techniques.
CTF: Multimodal Maze
Navigate a multimodal challenge using image, text, and audio injection vectors. Each modality unlocks the next stage of the maze, requiring cross-modal attack chaining.
Prompt Smuggler Challenge
Smuggle a specific payload through 5 layers of increasingly sophisticated input filtering to capture the flag.
CTF: RAG Heist
Extract sensitive information from a retrieval-augmented generation (RAG) system by exploiting vulnerabilities in retrieval mechanisms, document parsing, embedding manipulation, and context window management.
RAG Infiltrator: Level 2 — Enterprise Knowledge Base
Infiltrate and exfiltrate data from a multi-tier enterprise RAG system with access controls.
CTF: RAG Infiltrator
Poison a RAG system to return attacker-controlled content for specific queries. Score based on precision of targeting and stealth of the injected documents.
Shadow Agent Challenge
Take covert control of a multi-agent system by poisoning inter-agent communication without triggering monitors.
Supply Chain Saboteur: Level 2 — Model Registry
Compromise a model registry to inject backdoored model weights into a deployment pipeline.
CTF: Supply Chain Saboteur
Identify and exploit supply chain vulnerabilities in a model deployment pipeline. Find poisoned models, exploit malicious packages, and compromise the ML infrastructure.
CTF: Supply Chain Attacks
Find and exploit ML supply chain vulnerabilities, including compromised dependencies, poisoned models, backdoored training data, and malicious model files. Practice ML-specific supply chain security assessment.
Time Traveler Challenge
Exploit conversation memory and session management to manipulate the temporal context of an AI assistant.
Token Wars: Adversarial Optimization Challenge
Optimize adversarial tokens to achieve target model behaviors under strict character limits.
Tool Master Challenge
Exploit the tool-use capabilities of an agent system to access unauthorized functions and capture hidden flags.
Agent Maze Runner: Multi-Tool Navigation
Navigate a maze of agent tools, each with unique vulnerabilities, to reach and exfiltrate a hidden flag.
AI Wargame: Attacker vs Defender Real-Time
Compete in a real-time wargame where you attack an LLM system while an AI defender adapts to your techniques.
Classifier Gauntlet: 10-Stage Evasion
Bypass 10 progressively harder input classifiers using different evasion techniques at each stage.
Data Heist: Multi-Channel Exfiltration
Exfiltrate a secret key through a heavily monitored LLM system using covert exfiltration channels.
Defense Builder: Construct and Survive
Build defensive guardrails for an LLM application and survive 100 automated attack rounds.
AI Escape Room: Agent Breakout Challenge
Break an AI agent out of its sandboxed environment by chaining tool-use vulnerabilities and injection techniques.
Function Calling Fortress Breach
Bypass function calling restrictions to invoke unauthorized tools and extract a flag from a sandboxed agent.
Guardrail Speedrun: Fastest Bypass Challenge
Bypass 5 different guardrail implementations as fast as possible in a timed competition format.
Invisible Ink: Hidden Payload Extraction Challenge
Extract a hidden flag by decoding multiple layers of obfuscation in model responses across encoded channels.
MCP Server Takeover Challenge
Compromise an MCP server through tool description injection and use it to pivot to other connected services.
Multimodal Cipher: Cross-Modal Decryption
Decode a flag split across text, image, and audio inputs processed by a multimodal AI system.
Polyglot Injection Challenge
Craft a single injection payload that works across 5 different languages and 3 different model providers.
Prompt Archaeology: Deep System Prompt Recovery
Recover fragments of a deeply hidden, multi-layer system prompt using various extraction techniques.
RAG Treasure Hunt: Vector DB Infiltration
Infiltrate a vector database by crafting documents that surface for specific queries to reveal flag fragments.
Reasoning Chain Hijack: CoT Exploitation CTF
Hijack a reasoning model's chain-of-thought to redirect its conclusions while maintaining coherent reasoning.
Red vs Blue Tournament Challenge
Alternate between attacking and defending LLM systems in a scored tournament format.
Stealth Exfiltration Challenge: Zero Detection
Exfiltrate data from a monitored LLM system without triggering any of the deployed anomaly detectors.
Supply Chain Detective: Find the Backdoor
Analyze a model pipeline to find where a backdoor was inserted: data, training, or post-processing.
Time Bomb Defusal: Sleeper Agent Detection
Detect and neutralize a sleeper agent behavior trigger hidden in a fine-tuned model before it activates.
Token Smuggler Extreme: Adversarial Token Crafting
Craft adversarial token sequences under extreme character limits to achieve target model behaviors.
AI Red Teaming CTF Challenges
Overview of capture-the-flag challenges for AI red teaming. Learn the CTF format, scoring system, rules, hints, and strategies for approaching AI security competitions.
Hands-On Labs and Practical Exercises
Progressive hands-on exercises from beginner to expert difficulty, including CTF challenges and full case simulations, for building AI red teaming skills.
Competition-Style Injection Techniques
Injection techniques commonly used in AI red-team competitions and CTF challenges.