Course Information
- Available
- *The delivery and distribution of the certificate are subject to the policies and arrangements of the course provider.
Course Overview
Become a professional at finding and exploiting AI/LLM vulnerabilities. For Ethical Hackers, Bug Hunters and Pentesters.
The Ultimate AI/LLM/ML Penetration Testing Course
Your instructor is Martin Voelk. He is a Cyber Security veteran with 25 years of experience. Martin holds some of the highest certifications, including CISSP, OSCP, OSWP, Portswigger BSCP, CCIE, PCI ISA and PCIP. He works as a consultant for a big tech company and engages in Bug Bounty programs, where he has found thousands of critical and high vulnerabilities.
This course has both theory and practical lab sections, with a focus on finding and exploiting vulnerabilities in AI and LLM systems and applications. The training is aligned with the OWASP Top 10 LLM vulnerability classes. Martin solves all the LLM labs from Portswigger in addition to a lot of other labs and showcases. The videos are easy to follow along and replicate.
The course features the following:
· Prompt Injection
· Sensitive Information Disclosure
· Supply Chain
· Data and Model Poisoning
· Improper Output Handling
· Excessive Agency
· System Prompt Leakage
· Vector and Embedding Weaknesses
· Misinformation
· Unbounded Consumption and DoS
· Prompt Airlines CTF Challenge Walkthrough
· SecOps Group AI/ML Mock Exams 1 & 2 Walkthrough
· AI Prompt Attack and Defense Game Tensortrust
· Tooling
Notes & Disclaimer
Portswigger labs are a free public service from Portswigger for anyone to use to sharpen their skills. All you need is to sign up for a free account. I will respond to questions in a reasonable time frame. Learning Pen Testing / Bug Bounty Hunting is a lengthy process, so please don’t feel frustrated if you don’t find a bug right away. Try to use Google, read HackerOne reports and research each feature in depth. This course is for educational purposes only. This information is not to be used for malicious exploitation and must only be used on targets you have permission to attack.
Course Content
- 16 section(s)
- 63 lecture(s)
- Section 1 Introduction
- Section 2 Prompt Injection
- Section 3 Sensitive Information Disclosure
- Section 4 Supply Chain Vulnerabilities
- Section 5 Model and Training Data Poisoning
- Section 6 Improper Output Handling
- Section 7 Excessive Agency
- Section 8 Prompt Leakage
- Section 9 Vector and Embedding Weaknesses
- Section 10 Misinformation and Overreliance
- Section 11 Unbounded Consumption and DoS
- Section 12 Certified AI/LLM Penetration Tester
- Section 13 Prompt Airlines AI/ML CTF Challenge
- Section 14 SecOps Group AI/ML Mock Exams Walkthrough
- Section 15 AI Prompt Attack and Defense Game Tensortrust
- Section 16 Tooling
What You’ll Learn
- AI/LLM/ML vulnerabilities
- LLM01: Prompt Injection
- LLM02: Insecure Output Handling
- LLM03: Training Data Poisoning
- LLM04: Denial of Service (DoS)
- LLM05: Supply Chain Vulnerabilities
- LLM06: Sensitive Information Disclosure
- LLM07: Insecure Plugin Design
- LLM08: Excessive Agency
- LLM09: Overreliance
- LLM10: Model Theft
- find and exploit AI/LLM/ML vulnerabilities
- penetration testing
- bug bounty hunting
- Walkthrough of all AI/LLM/ML Labs from Portswigger and many more!
Reviews
- Anbananthan Perumal
Very beneficial for expanding our knowledge in AI. Thanks
- Narongdeach Mongkolnchat
I can't believe how much progress has been made.
- Peter White
Very good information although with the speed of AI some sections are already out of date slightly.
- Valerio Mendolia
This was a fascinating course, and I'd recommend it to anyone. Martin is a fantastic teacher! He has a gift for explaining each step perfectly and makes complex topics seem simple. I highly recommend this course to everyone!