# reconnaissance
48 articles tagged "reconnaissance"
Recon & Fingerprinting Assessment
Test your knowledge of AI system reconnaissance, model fingerprinting, architecture enumeration, and information gathering techniques with 8 beginner-level questions.
Skill Verification: Reconnaissance
Timed skill verification lab: profile an unknown AI system in 20 minutes by identifying the model, extracting configuration, and mapping capabilities.
Behavioral Fingerprinting Tool
Building tools that fingerprint model behavior through systematic probing to identify specific models, versions, and configurations behind APIs.
Lab: Mapping an AI System's Attack Surface
Hands-on lab walking through reconnaissance of an AI system — identifying components, mapping data flows, enumerating tools, and documenting the attack surface.
Attacking Experiment Tracking Systems
Techniques for exploiting experiment tracking platforms like MLflow, Weights & Biases, Neptune, and CometML, including data exfiltration, metric manipulation, experiment injection, and leveraging tracking metadata for reconnaissance.
Identifying LLM Defenses
Map the defensive layers of an LLM application through systematic probing and error analysis.
Lab: Error Message Analysis for Recon
Analyze LLM application error messages to extract information about system architecture, models, and defensive layers.
Lab: System Prompt Extraction
Hands-on techniques for extracting hidden system prompts from LLM-powered applications using direct asking, role-play, instruction replay, and other methods.
Lab: System Prompt Reconstruction
Use various techniques to systematically extract and reconstruct the full system prompt of an LLM application, combining direct, indirect, and incremental extraction methods.
Analyzing Refusal Messages for Intel
Extract useful information about model configuration and guardrails by systematically analyzing refusal messages.
Experiment Metadata Leakage
How experiment metadata reveals sensitive information: hyperparameters exposing architecture secrets, loss curves revealing training data properties, run names and tags disclosing project intent, and techniques for extracting intelligence from ML experiment logs.
AI API Enumeration
Discovering AI API endpoints, parameters, model configurations, and undocumented features through systematic enumeration techniques.
LLM API Enumeration
Advanced techniques for enumerating LLM API capabilities, restrictions, hidden parameters, and undocumented features to build a comprehensive attack surface map.
Model Identification Techniques
Fingerprinting models behind APIs using behavioral signatures, output analysis, and systematic probing to determine model family, size, and version.
OSINT for AI Red Teaming
Gathering intelligence about AI deployments from public sources: documentation, job postings, research papers, social media, and technical artifacts.
AI API Reverse Engineering
Techniques for reverse engineering AI APIs including mapping undocumented endpoints, parameter discovery, rate limit profiling, and extracting implementation details from API behavior.
Advanced Reconnaissance for AI Targets
Fingerprinting LLM providers, API reverse engineering, infrastructure detection, and shadow AI discovery for red team engagements.
AI Red Team Reconnaissance
Reconnaissance techniques for mapping AI system architecture, models, and defense configurations.
Defense Mapping Methodology
Methodologies for systematically identifying and mapping the defensive controls protecting a target AI system before launching attacks.
Tradecraft
Advanced AI red team tradecraft covering reconnaissance techniques, AI-specific threat modeling, and structured engagement methodology for professional adversarial assessments.
Model Enumeration Techniques
Systematic techniques for identifying specific models, versions, and configurations behind API endpoints through behavioral analysis and probing.
Target Profiling for AI Systems
Building comprehensive profiles of target AI systems including architecture, capabilities, defenses, and known weaknesses before engagement.
Mapping the Attack Surface of AI Systems
Systematic walkthrough for identifying and mapping every attack surface in an AI system, from user inputs through model inference to output delivery and tool integrations.
Reconnaissance Workflow
Systematic reconnaissance workflow for AI red team engagements: system prompt extraction, model identification, capability mapping, API enumeration, and documenting the attack surface.
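Chapter Assessment: Reconnaissance
A 15-question calibrated assessment testing your understanding of AI red team reconnaissance techniques: system prompt extraction, capability mapping, and target profiling.
Skill Verification: Reconnaissance
Timed skill verification lab: profile an unknown AI system in 20 minutes by identifying the model, extracting configuration, and mapping capabilities.
Behavioral Fingerprinting Tool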
Building tools that fingerprint model behavior through systematic probing to identify specific models, versions, and configurations behind APIs.
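Lab: Mapping an AI System's Attack Surface
Hands-on lab walking through reconnaissance of an AI system: identifying components, mapping data flows, enumerating tools, and documenting the attack surface.
Attacking Experiment Tracking Systems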
Techniques for exploiting experiment tracking platforms like MLflow, Weights & Biases, Neptune, and CometML, including data exfiltration, metric manipulation, experiment injection, and leveraging tracking metadata for reconnaissance.
Identifying LLM Defenses
Map the defensive layers of an LLM application through systematic probing and error analysis.
Lab: Error Message Analysis for Recon
Analyze LLM application error messages to extract information about system architecture, models, and defensive layers.
Lab: System Prompt Extraction
Hands-on techniques for extracting hidden system prompts from LLM-powered applications using direct asking, role-play, instruction replay, and other methods.
Lab: System Prompt Reconstruction
Use various techniques to systematically extract and reconstruct the full system prompt of an LLM application, combining direct, indirect, and incremental extraction methods.
Analyzing Refusal Messages for Intel
Extract useful information about model configuration and guardrails by systematically analyzing refusal messages.
Experiment Metadata Leakage
How experiment metadata reveals sensitive information: hyperparameters exposing architecture secrets, loss curves revealing training data properties, run names and tags disclosing project intent, and techniques for extracting intelligence from ML experiment logs.
AI API Enumeration
Discovering AI API endpoints, parameters, model configurations, and undocumented features through systematic enumeration techniques.
LLM API Enumeration
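Advanced techniques for enumerating LLM API capabilities, restrictions, hidden parameters, and undocumented features to build a comprehensive attack surface map.
Model Identification Techniques
Fingerprinting models behind APIs using behavioral signatures, output analysis, and systematic probing to determine model family, size, and version.
OSINT for AI Red Teaming
Gathering intelligence about AI deployments from public sources: documentation, job postings, research papers, social media, and technical artifacts.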
AI API Reverse Engineering
Techniques for reverse engineering AI APIs including mapping undocumented endpoints, parameter discovery, rate limit profiling, and extracting implementation details from API behavior.
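Advanced Reconnaissance for AI Targets
Fingerprinting LLM providers, API reverse engineering, infrastructure detection, and shadow AI discovery for red team engagements.
AI Red Team Reconnaissance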
Reconnaissance techniques for mapping AI system architecture, models, and defense configurations.
Defense Mapping Methodology
Methodologies for systematically identifying and mapping the defensive controls protecting a target AI system before launching attacks.
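Tradecraft
Advanced AI red team tradecraft covering reconnaissance techniques, AI-specific threat modeling, and structured engagement methodology for professional adversarial assessments.
Model Enumeration Techniques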
Systematic techniques for identifying specific models, versions, and configurations behind API endpoints through behavioral analysis and probing.
Target Profiling for AI Systems
Building comprehensive profiles of target AI systems including architecture, capabilities, defenses, and known weaknesses before engagement.
Mapping the Attack Surface of AI Systems
Systematic walkthrough for identifying and mapping every attack surface in an AI system, from user inputs through model inference to output delivery and tool integrations.
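Reconnaissance Workflow
Systematic reconnaissance workflow for AI red team engagements: system prompt extraction, model identification, capability mapping, API enumeration, and documenting the attack surface.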