mirror of
https://github.com/0x5t4l1n/hunting.git
synced 2026-05-26 11:35:51 +00:00
copilot-swe-agent[bot]
bc2ccbb10e
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
19 lines
782 B
Markdown
19 lines
782 B
Markdown
# Prompt Injection
|
|
|
|
## Description
|
|
Prompt Injection vulnerabilities occur in AI/LLM-powered applications where user input can manipulate the system's prompts or instructions. This can lead to unauthorized actions, data leakage, or bypassing of security controls.
|
|
|
|
## Common Attack Vectors
|
|
- System prompt extraction
|
|
- Instruction override
|
|
- Jailbreaking AI models
|
|
- Context manipulation
|
|
- Role confusion attacks
|
|
- Indirect prompt injection via external data
|
|
|
|
## Testing Approach
|
|
Test AI-powered chatbots, assistants, and applications that use Large Language Models (LLMs). Try to manipulate the model's behavior by injecting malicious prompts that override system instructions.
|
|
|
|
## Payloads
|
|
See `prompt-injection-payloads.txt` for a comprehensive list of prompt injection payloads.
|