Submitted URL: http://wiki.offsecml.com/
Effective URL: https://wiki.offsecml.com/

OffSecML Playbook


Adversarial ML
Offensive ML
Supply Chain Attacks
Welcome to the Offensive ML Playbook


OffSecML Playbook
Welcome to the Offensive ML Playbook

First published 10/26. Latest: 11/21. Version: 0.4

This is an amalgam of TTPs on different offensive ML attacks encompassing the
ML supply chain and adversarial ML attacks.
It is focused heavily on attacks that have code you can use to perform the
attacks right away, rather than a database of research papers (PoC or GTFO type
logic). Generally speaking, if it is here I have tested it and it works.

The intent is to help red teams and offensive practitioners quickly understand
what tool in the toolbox to use to attack ML environments.

This is a living vault. It is very much not a finished list of resources. There
are pages that are polished, and some that are little more than placeholders
with a few bullet points that I jotted down during conferences or on the fly.

The goal is to organize the attacks in a way that is useful to red team
operators rather than useful for say, academics trying to understand adversarial
ML.


THE CATEGORIES:

> OffensiveML is the application of ML for red team purposes.

> AdversarialML is the sub-discipline of attacks against ML.

> Supply Chain Attacks encompasses attacks on ML-specific upstreams, and these
> can usually be performed from the perimeter.


WHERE TO START?

Open up the graph and see what appeals to you. The attacks are broken up into
categories by the kind of content they target, e.g. image, LLMs, audio, and by
black-box versus white-box attacks. If you check out MLOps and Supply Chain
attacks, you can see attacks you can perform 'from the outside'.

This is a database of offensive ML TTPs, broken down by supply chain attacks,
offensive ML techniques and adversarial ML. The framework aims to simplify the
decision-making process of targeting ML in an organization.

Want to poison an LLM’s ground truths? We can do that. Want to put malware in a
model and work out how to distribute it? We got the former and the latter. –
Multiple ways!

Want to understand the latest in Offsec ML flywheels, droppers and obfuscators?

Or maybe hit an LLM via an API endpoint with a repeated character sequence
attack? We got that too.

The point is that you can make a start applying adversarial ML techniques on a
model without an extensive understanding of data science, mathematics or ML.

Taking a 'learn by doing' approach.


YOU WANT MORE DATA?

Each page has properties such as transferability (likelihood the ML attack on
one system works on another), last tested (when I last performed it and verified
it works) and aliases (other names it's known by).

The publishing mechanism suppresses this information, but you can find it in the
GitHub repository.


WHAT'S NEXT?

 * Labels and page properties are currently suppressed, which is a shame because
   they cover things like transferability (TRUE/FALSE/NA), last_tested ($date),
   and many other useful datapoints.
 * Graphing is currently only supported via backlinks, of which there are none,
   and these need to be built off the labelling.
 * AdversarialML is very light on content, as I only add content that I have
   tested and confirmed to be working.


ABOUT ME

My name is threlfall and I'm a red teamer interested in machine learning.
@whitehacksec on Twitter
https://5stars217.github.io for my blogletter
