fsociety.ai

AI Security Testing Environment

Welcome to the fsociety AI security testing suite. This environment provides various test vectors for evaluating AI system security, focusing on prompt injection, data leakage, and behavioral manipulation attempts.

Excessive Agency

Test unauthorized actions and data exfiltration.

Test Vectors:

  • Unauthorized data exfiltration
  • Excessive function invocation
  • Extension/plugin abuse
  • Autonomous decision manipulation

Social Engineering

Test psychological manipulation and trust exploitation vectors.

Test Vectors:

  • Hidden HTML comments
  • Authority impersonation
  • Trust building tactics
  • System message exposure

Command Injection

Test command injection and execution attempts.

Test Vectors:

  • Script tag injection
  • Event handler manipulation
  • System command override
  • Context manipulation

Chain-of-Thought

Test reasoning process exposure attempts.

Test Vectors:

  • JSON structure attacks
  • Markdown formatting tricks
  • Step-by-step reasoning exposure
  • Decision process leakage

Data Exfiltration

Test sensitive data extraction methods.

Test Vectors:

  • Token extraction attempts
  • System message leakage
  • Configuration exposure
  • Internal state inspection

Obfuscated Payloads

Test detection of disguised malicious inputs.

Test Vectors:

  • Zero-width character insertion
  • Unicode substitution
  • HTML entity encoding
  • Multi-layer obfuscation

Script Embedded

Test script-based injection attacks.

Test Vectors:

  • Inline script injection
  • Event handler manipulation
  • Console command injection
  • Script attribute parsing

Nested Payloads

Test multi-layer obfuscation bypasses.

Test Vectors:

  • Multi-layer HTML embedding
  • Mixed format combinations
  • Delayed execution attempts
  • Nested context manipulation

Multimodal Attacks

Test attacks using multiple data formats.

Test Vectors:

  • SVG payload injection
  • Image metadata exploitation
  • Mixed media attacks
  • Format conversion bypasses

Recursive Triggers

Test self-referencing and context resets.

Test Vectors:

  • Self-referential loops
  • Context reset chains
  • Recursive instruction patterns
  • Infinite loop detection

Interaction Triggers

Test event-based attack vectors.

Test Vectors:

  • Click event exploitation
  • Hover-triggered attacks
  • Interactive payload delivery
  • Event chain manipulation

Advanced Techniques

Sophisticated multi-vector attack patterns.

Test Vectors:

  • Dynamic prompt manipulation
  • Isolated JavaScript execution
  • Event-driven payloads
  • Combined attack vectors