# ctf
130 articles tagged "ctf"
- **Capstone: Design and Run an Adversarial ML Competition**
  Design, build, and operate a capture-the-flag style adversarial ML competition with automated scoring, diverse challenge categories, and real-time leaderboards.
- **Fall 2026 CTF: Advanced Attack Research**
  An expert-level CTF requiring novel technique development, research-grade problem solving, and original vulnerability discovery in AI systems.
- **Seasonal Competitions Overview**
  Overview of quarterly capture-the-flag competitions covering AI security topics from prompt injection to advanced attack research.
- **Spring 2026 CTF: Multi-Category AI Security**
  A multi-category AI security capture-the-flag competition with 20 flags across 5 categories: prompt injection, agent exploitation, RAG attacks, model security, and forensics.
- **Summer 2026 CTF: Agentic AI Security**
  A CTF focused on agentic AI security, with escalating agent challenges covering tool exploitation, multi-agent attacks, indirect injection, and agent persistence.
- **Weekly CTF: Jailbreak Series**
  New jailbreak challenges every week, each featuring fresh models and defenses.
- **Weekly CTF: Prompt Extraction Series**
  Weekly CTF challenge series focused on extracting system prompts from increasingly defended systems.
- **CTF: Agent Escalation**
  Five-flag CTF challenge focused on exploiting agentic AI systems. Progress from basic tool abuse through privilege escalation, indirect injection, memory poisoning, and multi-agent chain attacks.
- **Agent Heist: Level 2 — MCP Server Takeover**
  Take control of an MCP-enabled agent by poisoning tool descriptions and chaining exploits.
- **CTF: Agent Heist**
  A multi-stage agent exploitation challenge where you infiltrate an AI agent's tool ecosystem, escalate privileges, and exfiltrate target data without triggering security alerts.
- **Alignment Breaker: Level 2 — Safety Fine-Tuned Model**
  Bypass safety fine-tuning on a model with RLHF, constitutional AI, and classifier-based defenses.
- **CTF: Alignment Breaker**
  Break the alignment of a heavily defended model with multiple defense layers. Requires combining advanced techniques, including adversarial suffixes, multi-turn manipulation, and novel jailbreak approaches.
- **CTF: Boss Rush**
  Chain attacks across multiple AI models in sequence. Each model guards the next, requiring different attack techniques at each stage. Defeat all five models to extract the final flag in this ultimate red-teaming challenge.
- **CTF: Cloud AI Heist**
  Extract secrets from a cloud-deployed AI application by exploiting misconfigurations, SSRF, metadata endpoints, and model-level vulnerabilities in a realistic cloud environment.
- **Cloud Infiltrator Challenge**
  Navigate cloud AI service misconfigurations to access a protected model endpoint and extract its secrets.
- **CTF: Code Gen Exploit**
  Manipulate AI code generation to produce vulnerable, backdoored, or malicious code. Explore how prompt manipulation influences code security, from subtle vulnerability injection to full backdoor insertion.
- **Context Heist: System Prompt Extraction Championship**
  Extract system prompts from 10 progressively harder LLM applications using diverse techniques.
- **Data Heist Challenge**
  Extract a secret database of customer records from a RAG-enabled chatbot with strict data access controls.
- **CTF: Defense Breaker**
  Bypass progressively sophisticated defense mechanisms protecting an AI system. Each level introduces a new defense layer while retaining all previous ones, testing your ability to adapt and chain bypass techniques.
- **Defense Destroyer Challenge**
  Bypass a state-of-the-art multi-layer defense system to extract a protected secret from the model.
- **Defense Gauntlet: Level 2 — Layered Security**
  Bypass a layered defense system with input classification, guardrails, and output filtering.
- **CTF: Defense Gauntlet (Blue Team)**
  A blue-team CTF challenge where you build and defend an AI chatbot against a series of increasingly sophisticated automated attacks.
- **Encoding Maestro Challenge**
  Solve 10 encoding puzzles that require creative use of Base64, Unicode, ROT13, and custom encodings to bypass filters.
- **CTF: Fine-Tune Detective**
  Detect backdoors in fine-tuned language models through behavioral analysis, weight inspection, and activation-pattern examination. Practice the forensic techniques needed to identify compromised models before deployment.
- **Forensics Detective Challenge**
  Analyze logs and artifacts from an AI security incident to reconstruct the attack chain and identify the attacker's techniques.
- **CTF: AI Forensics Investigation**
  Analyze logs, model outputs, and system artifacts to reconstruct an AI security incident. Develop forensic analysis skills for AI-specific attack patterns, data exfiltration traces, and adversarial prompt detection.
- **Guardrail Olympics: Multi-Framework Bypass**
  Bypass guardrail implementations from NeMo, LLM Guard, Rebuff, and custom classifiers.
- **Jailbreak Gauntlet: Level 2 — Adaptive Defenses**
  Break through adaptive defense systems that learn from your previous attack attempts.
- **CTF: The Jailbreak Gauntlet**
  A series of progressively harder jailbreak challenges where each level adds stronger defenses. Score points through technique diversity and creativity as you break through escalating safety layers.
- **Model Whisperer Challenge**
  Extract the exact system prompt from 8 progressively harder LLM applications using creative extraction techniques.
- **CTF: Multimodal Maze**
  Navigate a multimodal challenge using image, text, and audio injection vectors. Each modality unlocks the next stage of the maze, requiring cross-modal attack chaining.
- **Prompt Smuggler Challenge**
  Smuggle a specific payload through 5 layers of increasingly sophisticated input filtering to capture the flag.
- **CTF: RAG Heist**
  Extract sensitive information from a retrieval-augmented generation (RAG) system by exploiting vulnerabilities in retrieval mechanisms, document parsing, embedding manipulation, and context-window management.
- **RAG Infiltrator: Level 2 — Enterprise Knowledge Base**
  Infiltrate and exfiltrate data from a multi-tier enterprise RAG system with access controls.
- **CTF: RAG Infiltrator**
  Poison a RAG system to return attacker-controlled content for specific queries. Scored on targeting precision and the stealth of the injected documents.
- **Shadow Agent Challenge**
  Take covert control of a multi-agent system by poisoning inter-agent communication without triggering monitors.
- **Supply Chain Saboteur: Level 2 — Model Registry**
  Compromise a model registry to inject backdoored model weights into a deployment pipeline.
- **CTF: Supply Chain Saboteur**
  Identify and exploit supply chain vulnerabilities in a model deployment pipeline. Find poisoned models, exploit malicious packages, and compromise the ML infrastructure.
- **CTF: Supply Chain Attack**
  Find and exploit vulnerabilities in an ML supply chain, including compromised dependencies, poisoned models, backdoored training data, and malicious model files. Practice ML-specific supply chain security assessment.
- **Time Traveler Challenge**
  Exploit conversation memory and session management to manipulate the temporal context of an AI assistant.
- **Token Wars: Adversarial Optimization Challenge**
  Optimize adversarial tokens to achieve target model behaviors under strict character limits.
- **Tool Master Challenge**
  Exploit the tool-use capabilities of an agent system to access unauthorized functions and capture hidden flags.
- **Agent Maze Runner: Multi-Tool Navigation**
  Navigate a maze of agent tools, each with unique vulnerabilities, to reach and exfiltrate a hidden flag.
- **AI Wargame: Attacker vs Defender Real-Time**
  Compete in a real-time wargame where you attack an LLM system while an AI defender adapts to your techniques.
- **Classifier Gauntlet: 10-Stage Evasion**
  Bypass 10 progressively harder input classifiers using different evasion techniques at each stage.
- **Data Heist: Multi-Channel Exfiltration**
  Exfiltrate a secret key through a heavily monitored LLM system using covert exfiltration channels.
- **Defense Builder: Construct and Survive**
  Build defensive guardrails for an LLM application and survive 100 automated attack rounds.
- **AI Escape Room: Agent Breakout Challenge**
  Break an AI agent out of its sandboxed environment by chaining tool-use vulnerabilities and injection techniques.
- **Function Calling Fortress Breach**
  Bypass function-calling restrictions to invoke unauthorized tools and extract a flag from a sandboxed agent.
- **Guardrail Speedrun: Fastest Bypass Challenge**
  Bypass 5 different guardrail implementations as fast as possible in a timed competition format.
- **Invisible Ink: Hidden Payload Extraction Challenge**
  Extract a hidden flag by decoding multiple layers of obfuscation in model responses across encoded channels.
- **MCP Server Takeover Challenge**
  Compromise an MCP server through tool description injection and use it to pivot to other connected services.
- **Multimodal Cipher: Cross-Modal Decryption**
  Decode a flag split across text, image, and audio inputs processed by a multimodal AI system.
- **Polyglot Injection Challenge**
  Craft a single injection payload that works across 5 different languages and 3 different model providers.
- **Prompt Archaeology: Deep System Prompt Recovery**
  Recover fragments of a deeply hidden, multi-layer system prompt using various extraction techniques.
- **RAG Treasure Hunt: Vector DB Infiltration**
  Infiltrate a vector database by crafting documents that surface for specific queries to reveal flag fragments.
- **Reasoning Chain Hijack: CoT Exploitation CTF**
  Hijack a reasoning model's chain-of-thought to redirect its conclusions while maintaining coherent reasoning.
- **Red vs Blue Tournament Challenge**
  Alternate between attacking and defending LLM systems in a scored tournament format.
- **Stealth Exfiltration Challenge: Zero Detection**
  Exfiltrate data from a monitored LLM system without triggering any of the deployed anomaly detectors.
- **Supply Chain Detective: Find the Backdoor**
  Analyze a model pipeline to find where a backdoor was inserted: in the data, the training, or the post-processing.
- **Time Bomb Defusal: Sleeper Agent Detection**
  Detect and neutralize a sleeper-agent behavior trigger hidden in a fine-tuned model before it activates.
- **Token Smuggler Extreme: Adversarial Token Crafting**
  Craft adversarial token sequences under extreme character limits to achieve target model behaviors.
- **AI Red Teaming CTF Challenges**
  Overview of capture-the-flag challenges for AI red teaming. Learn the CTF format, scoring system, rules, hints, and strategies for approaching AI security competitions.
- **Labs & Hands-On Practice**
  Progressive hands-on lab exercises spanning beginner to expert difficulty, including CTF challenges and full engagement simulations for AI red teaming skill development.
- **Competition-Style Injection Techniques**
  Injection techniques commonly used in AI red team competitions and CTF challenges.