Introduction

Topics

1. OWASP and LLM

2. OWASP Top 10 for LLM App - 2025

3. Labs

---

AI vs Machine Learning - Difference Between Artificial Intelligence and ML - AWSAmazon Web Services, Inc.

AI vs. Machine Learning: How Do They Differ? | Google CloudGoogle Cloud

Certifications

• Certified AI/ML Pentester (C-AI/MLPen) - TheSecOps Cert

Other Resources

• Certified AI/ML Pentester (C-AI/MLPen) - TheSecOps Cert

• GenAI OWASP

• OWASP Top 10 for Large Language Model Applications

• OWASP Top 10 for LLM Applications 2025

• LLM-Pentesting-Resources

• Offensive ML Playbook

• Prompt Engineering

• Prompt Injection - IBM

• LLM Security

• Threat Modeling LLM Applications - AI Village

• Payloads for Attacking Large Language Models (PALLMs)

• Awesome LLM Security

• Adversarial Prompting in LLMs

• Prompt Injection Attacks - Cobalt

• AI vulnerability deep dive - Bugcrowd

• Prompt Hacking and Misuse of LLMs - Unite AI

• MITRE Atlas

• Planning red teaming for LLMs and their app - Microsoft

• NVIDIA AI Red Team: An Introduction

• Awesome Machine Learning for Cyber Security

Video Resources

• Proof of Inference: Verifying the Integrity of Machine Learning Model Predictions 🇮🇹

• Hackerare un Large Language Model: un tentativo di Explainable AI (XAI) / Zimuel e Gianfagna 🇮🇹

Labs 🔬

Software

• BITE Textual Backdoor Attacks with Iterative Trigger Injection

• garak LLM vulnerability scanner

• HouYi successful prompt injection framework

• dropbox/llm-security demo scripts & docs for LLM attacks

• promptmap bulk testing of prompt injection on openai LLMs

• rebuff LLM Prompt Injection Detector