Offensive AI Exploits and Security (LFWS320)

Course code: LFWS320

LLM applications introduce a new class of vulnerabilities that existing playbooks weren’t designed to address. This hands-on course gives you the specialized offensive knowledge to find, exploit, and remediate all 10 attack classes in the OWASP® Top 10 for LLM applications, from RAG prompt injections to multi-agent pipeline poisoning.


Course dates

Start date: On request

Format: Virtual

Course length: 1 day

Language: en/cz

Price excl. VAT: 945 EUR


Course description

  • Exploit all 10 vulnerability classes in the OWASP® Top 10 for LLM Applications, from prompt injection, guard bypass, indirect injection and memory poisoning to multi-agent pipeline poisoning, and recommend LLM-native defensive architectures to remediate them.
  • Move into AI red-teaming, LLM penetration testing, and AI security engineering roles by demonstrating the ability to assess, exploit, and advise on the security of LLM-powered applications.

Target audience

For penetration testers, red teamers, security engineers, and AI/ML engineers who need hands-on offensive skills for LLM-powered applications. Also relevant for AppSec and DevSecOps professionals integrating AI into existing pipelines.

Course structure

Introduction & Setup

  • LLM architectures (RAG, agents, multi-agent), OWASP® Top 10, attack surface mapping.

Direct Prompt Injection

  • RAG attacks, semantic retrieval, data extraction, dual-LLM defenses.
Guard Bypass

  • Encoding bypass, synonym attacks, multi-step extraction, guard hardening.

IP/Header Spoofing

  • X-Forwarded-For, LLM auth delegation risks, context injection.

Agent Tool Abuse

  • LangChain/LangGraph abuse, command execution, tool scoping.

Indirect Injection & SSRF

  • Data vs instruction boundary, webhook SSRF, sanitization.

Multi-Modal Injection

  • Vision model attacks, steganography, dual-vision guards.

Memory Poisoning

  • Conversational memory abuse, escalation spoofing.

Schema Confusion

  • Function-calling abuse, path traversal, tool ambiguity.

Customer Support AI

Multi-Agent Poisoning

Capstone & Wrap-Up

Prerequisites

  • Familiarity with web application security (HTTP, REST APIs, input validation, injection attacks).
  • Experience with an HTTP interception tool such as Burp Suite or OWASP® ZAP.
  • Python proficiency at a read-and-modify level, and the ability to interact with APIs using curl or Python requests.
  • Basic awareness of LLMs, system/user prompt structure, RAG as a concept, and LLM agents and tool calling at a conceptual level.
