Introduction
Penetration testing techniques for AI and LLM applications. AI services expose API endpoints, model metadata, and admin interfaces that traditional web scanners won't catch. These pages collect the tools and wordlists you need to find and probe them.
Use these techniques only in authorized environments: systems you own, CTF challenges, or designated labs.
Section Overview
- Recon: AI endpoint discovery and directory enumeration with ffuf, plus a comprehensive wordlist covering OpenAI, Anthropic, Ollama, vLLM, LangChain, MCP, and dozens of other AI frameworks.