# exfiltration

標記為「exfiltration」的 46 篇文章

Link-Based Exfiltration

Using hyperlinks, redirects, or URL parameters to exfiltrate data from AI systems through markdown links, tool-generated URLs, and API callback exploitation.

exfiltrationlinksdata-theftURL-manipulationagent-security

中級

Markdown Image Injection

Injecting markdown image tags with attacker-controlled URLs to exfiltrate conversation data via HTTP image requests.

exfiltrationmarkdownimage-injectiondata-theftagent-security

中級

Function Calling Data Exfiltration

Using function calls as data exfiltration channels to extract information from constrained environments.

agentic-exploitationfunction-callingexfiltrationdata

中級

MCP Resource Data Exfiltration

Methods for extracting sensitive data through MCP resource access patterns and sampling API abuse.

mcpexfiltrationresources

中級

MCP Cross-Server Data Exfiltration

Chain MCP tool calls across servers to exfiltrate data from restricted environments to attacker-controlled endpoints.

agentic-exploitationmcpcross-serverexfiltration

進階

Tool Call Forensics

Forensic investigation of agent tool calls: detecting unauthorized tool usage, analyzing parameter manipulation evidence, identifying exfiltration traces, and reconstructing agent action chains.

tool-callsagent-forensicsexfiltrationinvestigation

進階

Case Study: GPT Plugin Data Exfiltration

Analysis of data exfiltration vulnerabilities in early ChatGPT plugin ecosystem including cross-plugin attacks.

case-studygptpluginsexfiltration

中級

Code Completion Data Exfiltration

Using code completion interfaces to exfiltrate sensitive data from development environments including secrets, API keys, and proprietary code.

code-gencompletionexfiltrationdata-leak

進階

Data Exfiltration via Vector Databases

Data exfiltration techniques for vector databases: embedding inversion to reconstruct documents, enumeration attacks, and similarity-based data harvesting.

exfiltrationembedding-inversionenumerationdata-harvestingvector-databasesprivacy

進階

Blind Prompt Injection Techniques

Attacking LLM systems without seeing output: TOCTOU injection, side-channel exfiltration, blind payload delivery, and timing-based exploitation.

blind-injectionTOCTOUside-channelsexfiltrationtiming

專家

Lab: RAG Full Chain Attack

Hands-on lab for executing a complete RAG attack chain from document injection through retrieval manipulation to data exfiltration, targeting every stage of the Retrieval-Augmented Generation pipeline.

labragfull-chaindocument-injectionexfiltrationadvanced

進階

Markdown Rendering Exfiltration

Exploit Markdown rendering in chat UIs to exfiltrate data through image tags and links.

labsmarkdownexfiltrationrenderingbeginner

入門

Data Heist: Multi-Channel Exfiltration

Exfiltrate a secret key through a heavily monitored LLM system using covert exfiltration channels.

labsctfexfiltrationmulti-channel

進階

Stealth Exfiltration Challenge: Zero Detection

Exfiltrate data from a monitored LLM system without triggering any of the deployed anomaly detectors.

labsctfstealthexfiltration

進階

Data Exfiltration via Side Channels

Extract data from LLM systems using timing, token probability, and formatting side channels.

labsexfiltrationside-channelsintermediate

中級

Lab: Markdown-Based Injection

Hands-on lab exploring how Markdown rendering in AI-generated outputs can be exploited to inject hidden content, exfiltrate data through image tags, and manipulate displayed information.

labmarkdowninjectionrenderingexfiltration

中級

MCP Resource Data Exfiltration (Intermediate Lab)

Exploit MCP resource URIs to access and exfiltrate data beyond intended scope boundaries.

labsmcpresourceexfiltrationintermediate

中級

Streaming Response Exfiltration

Exploit streaming API responses to exfiltrate data that might be caught by batch output filters.

labsstreamingresponseexfiltrationintermediate

中級

Lab: Data Exfiltration via Webhooks

Test data exfiltration paths through LLM-triggered webhooks, API callbacks, and external URL rendering.

labswebhookexfiltrationintermediate

中級

Stealth Data Extraction Techniques

Stealthy techniques for extracting sensitive data from AI systems without triggering alerts.

tradecraftstealthextractionexfiltration

進階

Callback Abuse in MCP

Advanced walkthrough of abusing MCP callback mechanisms for unauthorized actions, data exfiltration, and privilege escalation in agent-tool interactions.

mcpcallback-abusemodel-context-protocolagent-securityexfiltrationwalkthrough

進階

Cross-Plugin Data Exfiltration Walkthrough

Walkthrough of chaining multiple plugins/tools to exfiltrate data from LLM agent systems.

walkthroughscross-pluginexfiltrationagent

中級

Output Format Exfiltration Techniques Walkthrough

Walkthrough of using output format manipulation to exfiltrate data through code blocks, markdown, and structured outputs.

walkthroughsoutput-formatexfiltrationtechnique

中級

基於連結的外洩

使用超連結、重導向或 URL 參數從 AI 系統外洩資料，透過 markdown 連結、工具產生的 URL 與 API 回呼利用。

exfiltrationlinksdata-theftURL-manipulationagent-security

中級

Markdown Image Injection

Injecting markdown image tags with attacker-controlled URLs to exfiltrate conversation data via HTTP image requests.

exfiltrationmarkdownimage-injectiondata-theftagent-security

中級

Function Calling Data Exfiltration

Using function calls as data exfiltration channels to extract information from constrained environments.

agentic-exploitationfunction-callingexfiltrationdata

中級

MCP Resource Data Exfiltration

Methods for extracting sensitive data through MCP resource access patterns and sampling API abuse.

mcpexfiltrationresources

中級

MCP Cross-Server Data Exfiltration

Chain MCP tool calls across servers to exfiltrate data from restricted environments to attacker-controlled endpoints.

agentic-exploitationmcpcross-serverexfiltration

進階

工具呼叫鑑識

代理工具呼叫之鑑識調查：偵測未授權工具使用、分析參數操弄證據、辨識外洩痕跡，並重建代理動作鏈。

tool-callsagent-forensicsexfiltrationinvestigation

進階

Case Study: GPT Plugin Data Exfiltration

Analysis of data exfiltration vulnerabilities in early ChatGPT plugin ecosystem including cross-plugin attacks.

case-studygptpluginsexfiltration

中級

Code Completion Data Exfiltration

Using code completion interfaces to exfiltrate sensitive data from development environments including secrets, API keys, and proprietary code.

code-gencompletionexfiltrationdata-leak

進階

經由向量資料庫的資料外洩

向量資料庫的資料外洩技術：以嵌入反演重建文件、列舉攻擊、以相似度為基礎的資料採集。

exfiltrationembedding-inversionenumerationdata-harvestingvector-databasesprivacy

進階

盲目提示注入技術

於不見輸出下攻擊 LLM 系統：TOCTOU 注入、側通道外洩、盲目 payload 遞送，與以時序為本之利用。

blind-injectionTOCTOUside-channelsexfiltrationtiming

專家

實驗室: RAG Full Chain 攻擊

labragfull-chaindocument-injectionexfiltrationadvanced

進階

Markdown Rendering Exfiltration

利用 Markdown rendering in chat UIs to exfiltrate data through image tags and links.

labsmarkdownexfiltrationrenderingbeginner

入門

Data Heist: Multi-Channel Exfiltration

Exfiltrate a secret key through a heavily monitored LLM system using covert exfiltration channels.

labsctfexfiltrationmulti-channel

進階

Stealth Exfiltration Challenge: Zero Detection

Exfiltrate data from a monitored LLM system without triggering any of the deployed anomaly detectors.

labsctfstealthexfiltration

進階

Data Exfiltration via Side Channels

Extract data from LLM systems using timing, token probability, and formatting side channels.

labsexfiltrationside-channelsintermediate

中級

實驗室: Markdown-Based Injection

Hands-on lab exploring how Markdown rendering in AI-generated outputs can be exploited to inject hidden content, exfiltrate data through image tags, and manipulate displayed information.

labmarkdowninjectionrenderingexfiltration

中級

MCP Resource Data Exfiltration (中階實驗室)

利用 MCP resource URIs to access and exfiltrate data beyond intended scope boundaries.

labsmcpresourceexfiltrationintermediate

中級

Streaming Response Exfiltration

利用 streaming API responses to exfiltrate data that might be caught by batch output filters.

labsstreamingresponseexfiltrationintermediate

中級

實驗室: Data Exfiltration via Webhooks

Test data exfiltration paths through LLM-triggered webhooks, API callbacks, and external URL rendering.

labswebhookexfiltrationintermediate

中級

Stealth Data Extraction Techniques

Stealthy techniques for extracting sensitive data from AI systems without triggering alerts.

tradecraftstealthextractionexfiltration

進階

Callback Abuse in MCP

進階 walkthrough of abusing MCP callback mechanisms for unauthorized actions, data exfiltration, and privilege escalation in agent-tool interactions.

mcpcallback-abusemodel-context-protocolagent-securityexfiltrationwalkthrough

進階

Cross-Plugin Data Exfiltration 導覽

導覽 of chaining multiple plugins/tools to exfiltrate data from LLM agent systems.

walkthroughscross-pluginexfiltrationagent

中級

Output Format Exfiltration Techniques 導覽

導覽 of using output format manipulation to exfiltrate data through code blocks, markdown, and structured outputs.

walkthroughsoutput-formatexfiltrationtechnique

中級

# exfiltration

Link-Based Exfiltration

Markdown Image Injection

Function Calling Data Exfiltration

MCP Resource Data Exfiltration

MCP Cross-Server Data Exfiltration

Tool Call Forensics

Case Study: GPT Plugin Data Exfiltration

Code Completion Data Exfiltration

Data Exfiltration via Vector Databases

Blind Prompt Injection Techniques

Lab: RAG Full Chain Attack

Markdown Rendering Exfiltration

Data Heist: Multi-Channel Exfiltration

Stealth Exfiltration Challenge: Zero Detection

Data Exfiltration via Side Channels

Lab: Markdown-Based Injection

MCP Resource Data Exfiltration (Intermediate Lab)

Streaming Response Exfiltration

Lab: Data Exfiltration via Webhooks

Stealth Data Extraction Techniques

Callback Abuse in MCP

Cross-Plugin Data Exfiltration Walkthrough

Output Format Exfiltration Techniques Walkthrough

基於連結的外洩

Markdown Image Injection

Function Calling Data Exfiltration

MCP Resource Data Exfiltration

MCP Cross-Server Data Exfiltration

工具呼叫鑑識

Case Study: GPT Plugin Data Exfiltration

Code Completion Data Exfiltration

經由向量資料庫的資料外洩

盲目提示注入技術

實驗室: RAG Full Chain 攻擊

Markdown Rendering Exfiltration

Data Heist: Multi-Channel Exfiltration

Stealth Exfiltration Challenge: Zero Detection

Data Exfiltration via Side Channels

實驗室: Markdown-Based Injection

MCP Resource Data Exfiltration (中階 實驗室)

Streaming Response Exfiltration

實驗室: Data Exfiltration via Webhooks

Stealth Data Extraction Techniques

Callback Abuse in MCP

Cross-Plugin Data Exfiltration 導覽

Output Format Exfiltration Techniques 導覽

# exfiltration

Link-Based Exfiltration

Markdown Image Injection

Function Calling Data Exfiltration

MCP Resource Data Exfiltration

MCP Cross-Server Data Exfiltration

Tool Call Forensics

Case Study: GPT Plugin Data Exfiltration

Code Completion Data Exfiltration

Data Exfiltration via Vector Databases

Blind Prompt Injection Techniques

Lab: RAG Full Chain Attack

Markdown Rendering Exfiltration

Data Heist: Multi-Channel Exfiltration

Stealth Exfiltration Challenge: Zero Detection

Data Exfiltration via Side Channels

Lab: Markdown-Based Injection

MCP Resource Data Exfiltration (Intermediate Lab)

Streaming Response Exfiltration

Lab: Data Exfiltration via Webhooks

Stealth Data Extraction Techniques

Callback Abuse in MCP

Cross-Plugin Data Exfiltration Walkthrough

Output Format Exfiltration Techniques Walkthrough

基於連結的外洩

Markdown Image Injection

Function Calling Data Exfiltration

MCP Resource Data Exfiltration

MCP Cross-Server Data Exfiltration

工具呼叫鑑識

Case Study: GPT Plugin Data Exfiltration

Code Completion Data Exfiltration

經由向量資料庫的資料外洩

MCP Resource Data Exfiltration (中階實驗室)

MCP Resource Data Exfiltration (中階實驗室)