frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: DeepTeam – Penetration Testing for LLMs

https://github.com/confident-ai/deepteam
3•jeffreyip•1y ago
Hi HN, we’re Jeffrey and Kritin, and we’re building DeepTeam (https://trydeepteam.com), an open-source Python library to scan LLM apps for security vulnerabilities. You can start “penetration testing” by defining a Python callback to your LLM app (e.g. `def model_callback(input: str)`), and DeepTeam will attempt to probe it with prompts designed to elicit unsafe or unintended behavior.

Note that the penetration testing process treats your LLM app as a black-box - which means that DeepTeam will not know whether PII leakage has occurred in a certain tool call or incorporated in the training data of your fine-tuned LLM, but rather just detect that it is present. Internally, we call this process “end-to-end” testing.

Before DeepTeam, we worked on DeepEval, an open-source framework to unit-test LLMs. Some of you might be thinking, well isn’t this kind of similar to unit-testing?

Sort of, but not really. While LLM unit-testing focuses on 1) accurate eval metrics, 2) comprehensive eval datasets, penetration testing focuses on the haphazard simulation of attacks, and the orchestration of it. To users, this was a big and confusing paradigm shift, because it went from “Did this pass?” to “How can this break?”.

So we thought to ourselves, why not just release a new package to orchestrate the simulation of adversarial attacks for this new set of users and teams working specifically on AI safety, and borrow DeepEval’s evals and ecosystem in the process?

Quickstart here: https://www.trydeepteam.com/docs/getting-started#detect-your...

The first thing we did was offer as many attack methods as possible - simple encoding ones like ROT13, leetspeak, to prompt injections, roleplay, and jailbreaking. We then heard folks weren’t happy because the attacks didn’t persist across tests and hence they “lost” their progress every time they tested, and so we added an option to `reuse_simulated_attacks`.

We abstracted everything away to make it as modular as possible - every vulnerability, attack, can be imported in Python as `Bias(type=[“race”])`, `LinearJailbreaking()`, etc. with methods such as `.enhance()` for teams to plug-and-play, build their own test suite, and even to add a few more rounds of attack enhancements to increase the likelihood of breaking your system.

Notably, there are a few limitations. Users might run into compliance errors when attempting to simulate attacks (especially for AzureOpenAI), and so we recommend setting `ignore_errors` to `True` in case that happens. You might also run into bottlenecks where DeepTeam does not cover your custom vulnerability type, and so we shipped a `CustomVulnerability` class as a “catch-all” solution (still in beta).

You might be aware that some packages already exist that do a similar thing, often known as “vulnerability scanning” or “red teaming”. The difference is that DeepTeam is modular, lightweight, and code friendly. Take Nvidia Garak for example, although comprehensive, has so many CLI rules, environments to set up, it is definitely not the easiest to get started, let alone pick the library apart to build your own penetration testing pipeline. In DeepTeam, define a class, wrap it around your own implementations if necessary, and you’re good to go.

We adopted a Apache 2.0 license (for now, and probably in the foreseeable future too), so if you want to get started, `pip install deepteam`, use any LLM for simulation, and you’ll get a full penetration report within 1 minute (assuming you’re running things asynchronously). GitHub: https://github.com/confident-ai/deepteam

Excited to share DeepTeam with everyone here – let us know what you think!

Hello

1•cogs132•28s ago•0 comments

El Nino forms, expected to strengthen, say NOAA forecasters

https://www.noaa.gov/news-release/el-nino-forms-expected-to-strengthen-say-noaa-forecasters
1•andsoitis•59s ago•0 comments

A Visual Catalog of Retro Macintosh Software

https://www.marciot.com/mac68k-visual-catalog/
1•zdw•2m ago•0 comments

How the Chinese use wires to catch rocket boosters

https://old.reddit.com/r/interestingasfuck/comments/1utyo87/how_the_chinese_use_wires_to_catch_ro...
2•jonbaer•12m ago•0 comments

Bring seamless PQC encryption into every messenger you already use

2•kvasilev•14m ago•0 comments

How to enforce bare-metal Rust constraints on an unaligned GAI?

https://github.com/osjc/CRITICAL-SURVIVAL-Sovereign-Core-Hypervisor-Alignment-GAI-Patch--Project-...
1•osjc•20m ago•0 comments

The Population Bust Is Coming Sooner Than Anyone Is Prepared For

https://www.nytimes.com/2026/07/11/opinion/population-forecast-birth-rate.html
3•toomuchtodo•21m ago•1 comments

A public ledger of cloud outages and the SLA credits they trigger

https://slacreditwatch.com
2•devd1976•22m ago•1 comments

The Future of Digital Money: The Race Between Tortoise, Hare and Rhino

https://sites.duke.edu/thefinregblog/2026/07/09/the-future-of-digital-money-the-race-between-the-...
1•zaik•22m ago•0 comments

3.5M Developers. Then Microsoft Pulled the Plug [video]

https://www.youtube.com/watch?v=CPhAkzb4kUo
1•BiraIgnacio•26m ago•0 comments

Patriotism in the US, Europe and Canada, Charted

https://www.politico.com/news/2026/07/11/poll-politics-patriotism-us-europe-canada-00993636
1•koolba•26m ago•0 comments

First images of Quest wreck reveal Shackleton's last ship

https://canadiangeographic.ca/articles/first-images-of-quest-wreck-reveal-shackletons-last-ship-d...
1•pseudolus•29m ago•0 comments

Odyssey Linux

https://odysseylinux.org
3•Gualdrapo•30m ago•1 comments

Chaoshan's qiaopi remittance system built wealth on trust, not contracts

https://www.sixthtone.com/news/1018709
3•whiteblossom•35m ago•0 comments

Pokémon Soul Society – Zanka No Tachi ( Bleach X Hoenn)

https://pokejumpermanga.blogspot.com/2026/07/pokemon-soul-society-zanka-no-tachi.html
2•MyBoyGreen•36m ago•0 comments

2026 Hardrock 100 Results: Ludo Pommeret and Courtney Dauwalter Set Records

https://www.irunfar.com/2026-hardrock-100-results
2•BiraIgnacio•38m ago•0 comments

Pokejumper.org/manga community-driven platform for honest manga critiques

https://pokejumpermanga.blogspot.com/
1•MyBoyGreen•39m ago•0 comments

I decompose engines into math primitives and restack the

https://atom-architecture-lab.jgalicea.chatgpt.site/
1•Rekonquest•46m ago•0 comments

Amazon layoffs take their toll in saturated job market

https://www.cnbc.com/2026/07/11/burnout-frustration-and-heartbreak-amazon-layoffs-take-their-toll...
1•pseudolus•47m ago•1 comments

SVG Filter Effects: Creating Texture with <FeTurbulence>

https://tympanus.net/codrops/2019/02/19/svg-filter-effects-creating-texture-with-feturbulence/
1•gregsadetsky•50m ago•0 comments

Process-based billing on Carolina Cloud: Pay only when a process is running

https://docs.carolinacloud.io/containers/genomics/#sentieon-billing-usage-based
1•bojangleslover•50m ago•0 comments

Agentifying your software development lifecycle

https://ykdojo.github.io/antigravity-cli-tips/content/agent-powered-sdlc.html
2•ykev•50m ago•0 comments

Using PowerShell over SSH, Twenty Years Later

https://mattmichie.com/2026/07/11/powershell-over-ssh-twenty-years-later/
2•influx•53m ago•0 comments

LM-Polygraph: Uncertainty Estimation for LLMs

https://github.com/IINemo/lm-polygraph
1•modinfo•56m ago•0 comments

Starlink from 1984

https://nemanjatrifunovic.substack.com/p/starlink-from-1984
3•ingve•58m ago•0 comments

How the FSF sysadmins block botnets with reaction

https://www.fsf.org/blogs/community/blocking-botnets-with-reaction
3•pseudolus•58m ago•1 comments

Model can accept 1M tokens doesn't mean it can reason across those 1M tokens

https://twitter.com/0xCarnagee/status/2075983721841225885
1•annjose•1h ago•1 comments

Doctors die. It's not like the rest of us, but it should be (2016)

https://archive.cancerworld.net/featured/how-doctors-die/
25•downbad_•1h ago•8 comments

Nuclear War Survival Skills (1987)

https://www.oism.org/nwss/
3•downbad_•1h ago•1 comments

Watch This Cyborg Cockroach Test Its New Diving Suit

https://nautil.us/watch-this-cyborg-cockroach-test-its-new-diving-suit-1282592
2•julkali•1h ago•0 comments