frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Show HN: DeepTeam – Penetration Testing for LLMs

https://github.com/confident-ai/deepteam
3•jeffreyip•1y ago
Hi HN, we’re Jeffrey and Kritin, and we’re building DeepTeam (https://trydeepteam.com), an open-source Python library to scan LLM apps for security vulnerabilities. You can start “penetration testing” by defining a Python callback to your LLM app (e.g. `def model_callback(input: str)`), and DeepTeam will attempt to probe it with prompts designed to elicit unsafe or unintended behavior.

Note that the penetration testing process treats your LLM app as a black-box - which means that DeepTeam will not know whether PII leakage has occurred in a certain tool call or incorporated in the training data of your fine-tuned LLM, but rather just detect that it is present. Internally, we call this process “end-to-end” testing.

Before DeepTeam, we worked on DeepEval, an open-source framework to unit-test LLMs. Some of you might be thinking, well isn’t this kind of similar to unit-testing?

Sort of, but not really. While LLM unit-testing focuses on 1) accurate eval metrics, 2) comprehensive eval datasets, penetration testing focuses on the haphazard simulation of attacks, and the orchestration of it. To users, this was a big and confusing paradigm shift, because it went from “Did this pass?” to “How can this break?”.

So we thought to ourselves, why not just release a new package to orchestrate the simulation of adversarial attacks for this new set of users and teams working specifically on AI safety, and borrow DeepEval’s evals and ecosystem in the process?

Quickstart here: https://www.trydeepteam.com/docs/getting-started#detect-your...

The first thing we did was offer as many attack methods as possible - simple encoding ones like ROT13, leetspeak, to prompt injections, roleplay, and jailbreaking. We then heard folks weren’t happy because the attacks didn’t persist across tests and hence they “lost” their progress every time they tested, and so we added an option to `reuse_simulated_attacks`.

We abstracted everything away to make it as modular as possible - every vulnerability, attack, can be imported in Python as `Bias(type=[“race”])`, `LinearJailbreaking()`, etc. with methods such as `.enhance()` for teams to plug-and-play, build their own test suite, and even to add a few more rounds of attack enhancements to increase the likelihood of breaking your system.

Notably, there are a few limitations. Users might run into compliance errors when attempting to simulate attacks (especially for AzureOpenAI), and so we recommend setting `ignore_errors` to `True` in case that happens. You might also run into bottlenecks where DeepTeam does not cover your custom vulnerability type, and so we shipped a `CustomVulnerability` class as a “catch-all” solution (still in beta).

You might be aware that some packages already exist that do a similar thing, often known as “vulnerability scanning” or “red teaming”. The difference is that DeepTeam is modular, lightweight, and code friendly. Take Nvidia Garak for example, although comprehensive, has so many CLI rules, environments to set up, it is definitely not the easiest to get started, let alone pick the library apart to build your own penetration testing pipeline. In DeepTeam, define a class, wrap it around your own implementations if necessary, and you’re good to go.

We adopted a Apache 2.0 license (for now, and probably in the foreseeable future too), so if you want to get started, `pip install deepteam`, use any LLM for simulation, and you’ll get a full penetration report within 1 minute (assuming you’re running things asynchronously). GitHub: https://github.com/confident-ai/deepteam

Excited to share DeepTeam with everyone here – let us know what you think!

Show HN: Free Ollama AI Trading Desktop App

https://www.vaultcharts.com/
1•AlexBThomsen•1m ago•0 comments

How AI Slop Is Killing World War II History (YouTube Video)

https://www.youtube.com/watch?v=iUfP6amE7UA
1•MichaelMoser123•5m ago•0 comments

Firefox-WASM: Firefox in WebAssembly

https://github.com/HeyPuter/firefox-wasm
2•thunderbong•6m ago•0 comments

Triton Plugin Extensions

https://pytorch.org/blog/triton-plugin-extensions-enabling-tlx-and-custom-compiler-passes-out-of-...
2•zer0zzz•7m ago•0 comments

Linus Torvalds on AI usage in Linux development

https://lore.kernel.org/linux-media/CAHk-=wi4zC+Ze8e+p3tMv8TtG_80KzsZ1syL9anBtmEh5Z40vg@mail.gmai...
2•tosh•16m ago•0 comments

I built a tool to get comments in CSV format from YouTube videos

2•cristyg0101•16m ago•0 comments

Sheetz Chooses StorMagic SvHCI to Replace VMware Across 830 Retail Stores

https://finance.yahoo.com/technology/articles/sheetz-chooses-stormagic-svhci-replace-120000659.html
2•gnabgib•17m ago•0 comments

Show HN: Kosh – a self-hosted personal finance app

https://github.com/kzekiue/kosh/
2•kzekiue•17m ago•0 comments

Don't make one LLM call do retrieval and interpretation

https://ffilm.org/astro/
2•tobywhy•18m ago•0 comments

Lightweight Ukrainian drones flew for a record 12h to hit refinery 1,500M away

https://www.telegraph.co.uk/world-news/2026/07/13/ukrainian-long-range-drones-stretching-russia-a...
5•giuliomagnifico•20m ago•0 comments

Sheetz is quitting VMware, migrating 11,000 virtual machines

https://arstechnica.com/information-technology/2026/07/sheetz-moves-838-stores-off-vmware-broadco...
2•jimt1234•25m ago•0 comments

Ode with Anthropic – AI meets reality

https://www.ode.com
2•car•25m ago•0 comments

DJB Netstrings

https://cr.yp.to/proto/netstrings.txt
4•signa11•28m ago•1 comments

Easy Acceleration with Distributed Arrays

https://arxiv.org/abs/2508.17493
2•teleforce•32m ago•0 comments

Whale – 98% Cache Hit with DeepSeek

https://github.com/usewhale/Whale
2•arikrahman•34m ago•1 comments

AI That Never Forgets – Dendritron Transformer Explained [video]

https://www.youtube.com/watch?v=6zwuTqGweJE
3•ilaksh•35m ago•1 comments

Google and Epic Abandon Settlement

https://www.macrumors.com/2026/07/15/google-third-party-app-stores/
4•tosh•36m ago•0 comments

DeepCleanAudio AI-powered audio denoising that restores clarity in seconds

https://steelsoft.site/software/DeepCleanAudio_home.html
2•billqu0001•37m ago•0 comments

Precociality and Altriciality

https://en.wikipedia.org/wiki/Precociality_and_altriciality
2•num42•38m ago•0 comments

Chaos and confusion bring US no closer to resolution on Strait of Hormuz

https://www.theguardian.com/world/2026/jul/15/chaos-confusion-no-closer-resolution-strait-hormuz-...
3•hebelehubele•42m ago•0 comments

What happened to our climate extinction?

https://cerebusthefirst.substack.com/p/what-happened-to-our-climate-extinction
3•joanwestenberg•43m ago•0 comments

The First Compiler: How Alan Jay Perlis Made Programming Human

https://nirmalutwani.substack.com/p/the-first-compiler-how-alan-jay-perlis
2•nutwani91•45m ago•1 comments

Emil and the Detectives (1929)

https://www.gutenberg.org/ebooks/79102
2•petethomas•45m ago•0 comments

Ex-Fed advisor gets over three years in prison for lying about China ties

https://www.cnbc.com/2026/07/16/ex-fed-adviser-gets-jailtime-lying-about-china-ties-economic-espi...
4•shinryudbz•49m ago•0 comments

Open source voice runtime with WebRTC and semantic endpointing

https://github.com/byte271/Openlive
1•byte1•51m ago•0 comments

GSAP – A robust JavaScript animation library built for professionals

https://gsap.com/
1•gurjeet•51m ago•0 comments

Locals and Tourists

https://www.flickr.com/photos/walkingsf/albums/72157624209158632/
3•phreeza•52m ago•0 comments

EU officials peeved after Anthropic sends junior staffer to testify about safety

https://www.politico.eu/article/anthropic-european-parliament-donny-greenberg-artificial-intellig...
3•intunderflow•54m ago•0 comments

A Universe from Three Sectors: Recovering TradeWars 2002's Map from Its RNG Seed

https://mattmichie.com/2026/07/14/a-universe-from-three-sectors/
2•influx•59m ago•0 comments

Looking for a remote internship (Fall/Winter/Spring 2026)

1•cnnadozi•59m ago•1 comments