CriticalPrompt Attack
Prompt Injection
An attack where malicious instructions are embedded in user input to manipulate LLM behavior and bypass safety controls.
OWASP Reference: LLM01
Learn more
Security Threat Library
LLM Security Threats
A comprehensive encyclopedia of attack vectors targeting LLM applications. Understand how these threats work, see real examples, and learn prevention strategies.
15
Documented Threats
3
Threat Categories
15
OWASP LLM References
Prompt Attacks
Attacks that manipulate LLM behavior through crafted inputs
CriticalPrompt Attack
Jailbreak Attacks
Sophisticated prompts designed to bypass LLM safety guidelines and content policies to elicit harmful or restricted outputs.
OWASP Reference: LLM01
Learn more
CriticalPrompt Attack
Indirect Prompt Injection
Attacks where malicious instructions are hidden in external data sources that the LLM processes, rather than in direct user input.
OWASP Reference: LLM01
Learn more
HighPrompt Attack
Adversarial Prompts
Carefully crafted inputs designed to exploit model weaknesses, cause unexpected behaviors, or probe for vulnerabilities.
OWASP Reference: LLM01
Learn more
HighPrompt Attack
System Prompt Extraction
Techniques used to reveal the hidden system prompt, instructions, or configuration that defines an LLM application's behavior.
OWASP Reference: LLM07
Learn more
MediumPrompt Attack
Model Extraction
Attacks designed to steal or replicate an LLM's capabilities, weights, or behavior through systematic querying.
OWASP Reference: LLM10
Learn more
MediumPrompt Attack
Prompt Leaking
The unintended disclosure of conversation context, previous prompts, or multi-turn conversation history.
OWASP Reference: LLM06
Learn more
MediumPrompt Attack
Context Manipulation
Attacks that exploit or corrupt the LLM's context window to alter behavior or access unauthorized information.
OWASP Reference: LLM01
Learn more
LowPrompt Attack
Denial of Service (LLM)
Attacks designed to exhaust LLM resources, cause excessive costs, or make the service unavailable.
OWASP Reference: LLM04
Learn more
Data Leakage
Exposure of sensitive information through LLM outputs
HighData Leakage
Data Leakage
Unintended exposure of sensitive information, training data, or system prompts through LLM outputs.
OWASP Reference: LLM06
Learn more
HighData Leakage
PII Exposure
The unintended disclosure of Personally Identifiable Information (PII) such as names, addresses, SSNs, credit cards, or other personal data through LLM interactions.
OWASP Reference: LLM06
Learn more
MediumData Leakage
Training Data Extraction
Attacks that cause LLMs to reveal memorized training data, potentially including private or copyrighted content.
OWASP Reference: LLM06
Learn more
Content Violations
Attempts to generate harmful, toxic, or policy-violating content
HighContent Violation
Toxic Content Generation
LLM outputs containing harmful content including hate speech, violence, harassment, or other toxic material.
OWASP Reference: LLM02
Learn more
MediumContent Violation
Hallucination Attacks
Deliberately inducing LLMs to generate false, fabricated, or misleading information that appears authoritative.
OWASP Reference: LLM03
Learn more
MediumContent Violation
Social Engineering via LLM
Using LLMs to generate personalized phishing, scam, or manipulation content at scale.
OWASP Reference: LLM02
Learn more
Ready to protect your AI application?
Wardstone Guard detects all these threats in a single API call with sub-30ms latency.