Glad to release another awesome open-source tool , Hacktor, to perform automated Red Teaming of GenAI Apps to make life easy for security engineers.
Key Features
AI-Assisted Chat Crawler
The AI Assisted Chat Crawler in Hacktor leverages advanced AI capabilities to enhance the security testing of GenAI chat applications. By using the --use_ai option, Hacktor intelligently analyzes and interacts with chat interfaces to identify potential vulnerabilities that may not be easily detectable through traditional methods. The AI-driven approach allows for more sophisticated crawling and testing, making it ideal for evaluating the robustness and security of chatbots and other conversational AI systems.
Human-Assisted Fuzz Location Detection
Hacktor involves detecting fuzzing locaiton in web applications with human assistance, which is essential for modern web frameworks. This approach involves using a browser to record crawled data and inserting markers like [FUZZ] for fuzzing or testing purposes.
Testing GenAI Chatbot for OWASP TOP 10 Categories
Hacktor generates various prompts, sends them to a GenAI chatbot, collects responses, and evaluates them, focusing on testing the chatbot's responses against OWASP TOP 10 categories.
MLOps / DevOps Integration - Regression Security Testing of GenAI ChatBots
Hacktor enables saving crawled sessions and running tests as part of the DevOps regression testing process, focusing on the regression security testing of GenAI chatbots.
Setup and Use Hacktor
Try it
https://github.com/detoxio-ai/hacktor
View Detailed Demo
Hacktor - Our Tool to Make GenAI App Red Teaming Easy