Introduction

Topics

1. OWASP and LLM

2. OWASP Top 10 for LLM App - 2025

3. Labs

---

AI vs Machine Learning - Difference Between Artificial Intelligence and ML - AWSAmazon Web Services, Inc.

AI vs. Machine Learning: How Do They Differ? | Google CloudGoogle Cloud

Certifications

• Certified AI/ML Pentester (C-AI/MLPen) - TheSecOps Cert

Other Resources

• Certified AI/ML Pentester (C-AI/MLPen) - TheSecOps Cert
• GenAI OWASP
• OWASP Top 10 for Large Language Model Applications
• OWASP Top 10 for LLM Applications 2025
• LLM-Pentesting-Resources
• Offensive ML Playbook
• Prompt Engineering
• Prompt Injection - IBM
• LLM Security
• Threat Modeling LLM Applications - AI Village
• Payloads for Attacking Large Language Models (PALLMs)
• Awesome LLM Security
• Adversarial Prompting in LLMs
• Prompt Injection Attacks - Cobalt
• AI vulnerability deep dive - Bugcrowd
• Prompt Hacking and Misuse of LLMs - Unite AI
• MITRE Atlas
• Planning red teaming for LLMs and their app - Microsoft
• NVIDIA AI Red Team: An Introduction
• Awesome Machine Learning for Cyber Security

Video Resources

• Proof of Inference: Verifying the Integrity of Machine Learning Model Predictions 🇮🇹
• Hackerare un Large Language Model: un tentativo di Explainable AI (XAI) / Zimuel e Gianfagna 🇮🇹

Labs 🔬

Software

• BITE Textual Backdoor Attacks with Iterative Trigger Injection
• garak LLM vulnerability scanner
• HouYi successful prompt injection framework
• dropbox/llm-security demo scripts & docs for LLM attacks
• promptmap bulk testing of prompt injection on openai LLMs
• rebuff LLM Prompt Injection Detector