frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: DeepTeam – Penetration Testing for LLMs

https://github.com/confident-ai/deepteam
3•jeffreyip•1y ago
Hi HN, we’re Jeffrey and Kritin, and we’re building DeepTeam (https://trydeepteam.com), an open-source Python library to scan LLM apps for security vulnerabilities. You can start “penetration testing” by defining a Python callback to your LLM app (e.g. `def model_callback(input: str)`), and DeepTeam will attempt to probe it with prompts designed to elicit unsafe or unintended behavior.

Note that the penetration testing process treats your LLM app as a black-box - which means that DeepTeam will not know whether PII leakage has occurred in a certain tool call or incorporated in the training data of your fine-tuned LLM, but rather just detect that it is present. Internally, we call this process “end-to-end” testing.

Before DeepTeam, we worked on DeepEval, an open-source framework to unit-test LLMs. Some of you might be thinking, well isn’t this kind of similar to unit-testing?

Sort of, but not really. While LLM unit-testing focuses on 1) accurate eval metrics, 2) comprehensive eval datasets, penetration testing focuses on the haphazard simulation of attacks, and the orchestration of it. To users, this was a big and confusing paradigm shift, because it went from “Did this pass?” to “How can this break?”.

So we thought to ourselves, why not just release a new package to orchestrate the simulation of adversarial attacks for this new set of users and teams working specifically on AI safety, and borrow DeepEval’s evals and ecosystem in the process?

Quickstart here: https://www.trydeepteam.com/docs/getting-started#detect-your...

The first thing we did was offer as many attack methods as possible - simple encoding ones like ROT13, leetspeak, to prompt injections, roleplay, and jailbreaking. We then heard folks weren’t happy because the attacks didn’t persist across tests and hence they “lost” their progress every time they tested, and so we added an option to `reuse_simulated_attacks`.

We abstracted everything away to make it as modular as possible - every vulnerability, attack, can be imported in Python as `Bias(type=[“race”])`, `LinearJailbreaking()`, etc. with methods such as `.enhance()` for teams to plug-and-play, build their own test suite, and even to add a few more rounds of attack enhancements to increase the likelihood of breaking your system.

Notably, there are a few limitations. Users might run into compliance errors when attempting to simulate attacks (especially for AzureOpenAI), and so we recommend setting `ignore_errors` to `True` in case that happens. You might also run into bottlenecks where DeepTeam does not cover your custom vulnerability type, and so we shipped a `CustomVulnerability` class as a “catch-all” solution (still in beta).

You might be aware that some packages already exist that do a similar thing, often known as “vulnerability scanning” or “red teaming”. The difference is that DeepTeam is modular, lightweight, and code friendly. Take Nvidia Garak for example, although comprehensive, has so many CLI rules, environments to set up, it is definitely not the easiest to get started, let alone pick the library apart to build your own penetration testing pipeline. In DeepTeam, define a class, wrap it around your own implementations if necessary, and you’re good to go.

We adopted a Apache 2.0 license (for now, and probably in the foreseeable future too), so if you want to get started, `pip install deepteam`, use any LLM for simulation, and you’ll get a full penetration report within 1 minute (assuming you’re running things asynchronously). GitHub: https://github.com/confident-ai/deepteam

Excited to share DeepTeam with everyone here – let us know what you think!

Simple Made Easy – Rich Hickey (2011) [video]

https://www.youtube.com/watch?v=SxdOUGdseq4
1•taurath•59s ago•0 comments

Show HN: Skillburst - AI skills for your whole team, not just the engineers

https://skillburst.ai/
1•htahir111•4m ago•0 comments

Microsoft Publisher will no longer be supported after October 2026

https://support.microsoft.com/en-us/publisher/microsoft-publisher-will-no-longer-be-supported-aft...
3•MrVandemar•8m ago•2 comments

The Unbearable Anxiety of Being Just an Ordinary Human

https://www.freepressjournal.in/analysis/the-unbearable-anxiety-of-being-just-an-ordinary-human
2•thunderbong•9m ago•0 comments

Show HN: Amotions app in Zoom for real-time guidance

https://amotionsinc.com/blogs/how-to-use-amotions-ai-zoom-app
1•xupianpian1•11m ago•0 comments

Ask HN: HN frontpage feels boring now?

2•xeonmc•11m ago•1 comments

How to build a cancer vaccine, and whether they will work this time

https://www.owlposting.com/p/how-to-build-a-cancer-vaccine-and
1•gone35•12m ago•0 comments

US seeks cheaper hunter-killer drones after Iran destroys $1B worth of Reapers

https://arstechnica.com/gadgets/2026/07/us-seeks-cheaper-hunter-killer-drones-after-iran-destroys...
1•jnord•13m ago•0 comments

John Deere owners will get the right to repair equipment under FTC settlement

https://apnews.com/article/john-deere-right-to-repair-agriculture-equipment-cb7514ffedb95c130a976...
3•djoldman•14m ago•0 comments

M64 Controller Review: The N64 Remote Perfected

https://retrododo.com/m64-controller-review-the-n64-remote-perfected/
1•bpierre•15m ago•0 comments

Hijacking Defensive Cyber AI Agents for Remote Code Execution

https://ainowinstitute.org/publications/friendly-fire-exploit-brief
1•Cynddl•17m ago•0 comments

The AI Bubble We need to talk

https://www.youtube.com/watch?v=2J2Fb1bBufA
2•cable2600•17m ago•0 comments

US rare earths flow to Asia as domestic demand is slow to emerge

https://arstechnica.com/science/2026/07/us-rare-earths-flow-to-asia-as-domestic-demand-is-slow-to...
1•jnord•18m ago•0 comments

Ask HN: What do you think of xsight labs?

1•m101•22m ago•0 comments

Telling Stories with Data (2023)

https://tellingstorieswithdata.com
1•matt_daemon•24m ago•0 comments

We made Grok 4.5, GPT-5.5, and Claude build the same apps

https://www.tryai.dev/blog/grok-4.5-vs-gpt-5.5-vs-claude-build-off
1•hershyb_•25m ago•0 comments

BassBet – Live Games, Fast Payouts and Big Wins Online

https://bassbet-login.com/en/
1•kalwrepo•30m ago•0 comments

Xsight labs - anyone talking about these guys?

https://xsightlabs.com/
2•m101•31m ago•1 comments

You may not need 8 hours of sleep

https://www.nytimes.com/2026/07/05/opinion/sleep-health-8-hours.html
2•dr_•33m ago•0 comments

Ghislaine Maxwell's Dad Sold Bugged Israeli Software to Two Nuclear Weapons Labs

https://alisav.substack.com/p/ghislaine-maxwells-father-sold-bugged
6•newspaper1•34m ago•1 comments

Suspecting AI cheating, Ivy League prof ordered in-person final; scores fell 50%

https://arstechnica.com/ai/2026/07/we-cannot-choose-to-become-idiots-the-ai-cheating-scandal-roil...
31•furcyd•41m ago•11 comments

Show HN: Schema_ferry – Continuous schema migration from MySQL to PostgreSQL

https://github.com/kyuuri1791/schema_ferry
1•kyuuri1791•42m ago•0 comments

Observations of a Journal Editor

https://uq.pressbooks.pub/editorobservations/
1•MrVandemar•42m ago•0 comments

Meta datacenter contractor flushed contaminated water

https://www.theguardian.com/us-news/2026/jul/08/meta-datacenter-ai-wyoming-water
3•doener•46m ago•2 comments

Visualizing Buns new Rust Files against the rest of the JavaScript / cpp

https://old.reddit.com/r/bun/comments/1ur8ka2/visualizing_the_rust_portion_of_bun_against/
1•fernando-ram•50m ago•0 comments

The family of a man shot by the Tennessee National Guard demands video release

https://apnews.com/article/memphis-national-guard-shooting-tyrin-johnson-6a1ea3e51176d8ddf6519f90...
15•petethomas•50m ago•0 comments

Family demands an independent probe after ICE officer shoots a man in Houston

https://apnews.com/article/ice-houston-shooting-lorenzo-salgado-araujo-2d01ba69caf2445f0500509689...
8•petethomas•54m ago•0 comments

The Trump admin is ramping up pressure on states to change election practices

https://apnews.com/article/trump-voting-threat-states-3ec6b7838c97342965416756c0b83496
5•petethomas•56m ago•0 comments

New report highlights reasons for hope in the climate fight

https://www.unep.org/news-and-stories/story/new-report-highlights-five-reasons-hope-climate-fight
2•cybermango•58m ago•0 comments

A New 'Little House' Expands and Updates the Prairie

https://www.nytimes.com/2026/07/08/arts/television/little-house-on-the-prairie-netflix.html
1•indigodaddy•1h ago•1 comments