KageX
Paid Subscription

FreakLab

Learn AI security by breaking it. 10 hands-on labs covering the OWASP LLM Top 10.

1. Sign Up

Choose a plan and create your account.

2. Pick a Lab

Select a vulnerability to learn about.

3. Start Hacking

Your lab spins up in ~30 seconds. Break it.

10 Vulnerability Labs

Each lab is an isolated environment with a real AI model and a real vulnerability.

01
LLM01
Prompt Injection to XSS

Unsanitized LLM output rendering enables cross-site scripting.

model: phi3
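
How the XSS in this lab class arises, as an added example (not FreakLab's lab code): the only difference between the vulnerable and the hardened renderer is whether the model's reply is treated as markup or as text. The injected reply, the `div` wrapper and the helper names are constructed for the demo; the tag-collecting parser shows which elements a browser would actually create from each rendering.

```python
import html
from html.parser import HTMLParser

# Constructed model reply: after a prompt injection the assistant has been
# talked into emitting markup instead of plain text.
INJECTED_REPLY = 'Sure, here is your summary. <img src=x onerror="alert(document.cookie)">'


def render_unsafe(reply: str) -> str:
    """Vulnerable: the reply is concatenated into the page as HTML."""
    return f'<div class="bot">{reply}</div>'


def render_safe(reply: str) -> str:
    """Hardened: the reply is entity-encoded, so the browser shows it as text."""
    return f'<div class="bot">{html.escape(reply, quote=True)}</div>'


class TagCollector(HTMLParser):
    """Records which elements and on* handlers the fragment would create."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers += [name for name, _ in attrs if name.startswith("on")]


def elements_created(fragment: str):
    """Return (element names, event-handler attribute names) for a fragment."""
    parser = TagCollector()
    parser.feed(fragment)
    parser.close()
    return parser.tags, parser.handlers


if __name__ == "__main__":
    print(elements_created(render_unsafe(INJECTED_REPLY)))  # (['div', 'img'], ['onerror'])
    print(elements_created(render_safe(INJECTED_REPLY)))    # (['div'], [])
```

The same rule applies when the chat UI renders the reply as Markdown: the Markdown renderer must escape raw HTML and refuse `javascript:` URLs, because the model's output is attacker-influenced whenever the attacker can influence the prompt.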

02
LLM07 (2025 list: System Prompt Leakage)
System Prompt Extraction

Extract hidden system instructions through clever rewording.

model: custom

03
LLM06
PII Leakage

Exploit over-privileged AI to leak employee salary data and PII.

model: phi3

04
LLM07 (2023 list: Insecure Plugin Design)
Insecure Plugin Design

Confused deputy attack on a smart home assistant with tool use.

model: phi3

05
LLM02
SQLi via LLM

UNION-based SQL injection through AI-generated text-to-SQL queries.

model: mistral
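
The UNION injection this lab describes, and the control that actually stops it, as an added example (not FreakLab's lab code). The "model" here is a stand-in function that does what a naive text-to-SQL prompt ends up doing: it drops the user's words inside a string literal of the generated query. The schema, table names and the allowed-tables policy are constructed for the demo. Because the SQL is model-generated, escaping the input is not a fix (the model can be talked into emitting any query); the hardened version instead runs the query on a connection that can only read the allowed tables, using SQLite's authorizer as the equivalent of a least-privilege database role.

```python
import sqlite3
from typing import List, Tuple, Union

# Constructed schema standing in for a shop assistant's database. The users
# table is the data the assistant must never be able to reach.
SCHEMA = """
CREATE TABLE products (name TEXT, price REAL, category TEXT);
CREATE TABLE users (username TEXT, password TEXT);
INSERT INTO products VALUES ('Widget', 9.99, 'tools'), ('Gizmo', 19.99, 'tools');
INSERT INTO users VALUES ('admin', 'hunter2');
"""

# Hypothetical policy: tables the assistant is allowed to read.
PUBLIC_TABLES = {"products"}


def fake_llm_text_to_sql(question: str) -> str:
    """Stand-in for the model: the user's text lands inside a string literal."""
    return f"SELECT name, price FROM products WHERE category = '{question}'"


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def run_unrestricted(sql: str) -> List[Tuple]:
    """Vulnerable: the generated SQL runs with access to every table."""
    return make_db().execute(sql).fetchall()


def authorizer(action, arg1, arg2, db_name, trigger_or_view):
    # SQLite consults this callback for every operation while compiling a
    # statement. Plain SELECTs, built-in functions and reads of allowed tables
    # pass; reads of other tables, writes, DDL, ATTACH and PRAGMA are denied,
    # so the statement fails to prepare before it touches any data.
    if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_FUNCTION):
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_READ and arg1 in PUBLIC_TABLES:
        return sqlite3.SQLITE_OK
    return sqlite3.SQLITE_DENY


def run_least_privilege(sql: str) -> Union[List[Tuple], str]:
    """Hardened: the same SQL, but the connection can only read PUBLIC_TABLES."""
    conn = make_db()
    conn.set_authorizer(authorizer)
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.DatabaseError as exc:  # SQLite reports "not authorized"
        return f"blocked: {exc}"


# Classic UNION payload typed into the chat box (constructed).
INJECTED_QUESTION = "' UNION SELECT username, password FROM users --"

if __name__ == "__main__":
    sql = fake_llm_text_to_sql(INJECTED_QUESTION)
    print(sql)
    print(run_unrestricted(sql))     # leaks [('admin', 'hunter2')]
    print(run_least_privilege(sql))  # blocked: not authorized
```

The authorizer governs the SQL that is executed, regardless of how it was produced, so it also covers the case where the user's question is harmless text but carries instructions that make the model write a different query. On PostgreSQL or MySQL the same control is a dedicated read-only role with SELECT granted only on the views the assistant needs.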

06
LLM03
RAG Poisoning

Upload malicious documents to manipulate RAG context and override policies.

model: mistral

07
LLM01
Image Prompt Injection

Hidden text in receipt images overrides vision model instructions.

model: llava

08
LLM01
Audio Prompt Injection

Hidden voice commands in meeting recordings transcribed and executed.

model: mistral

09
LLM08
Agentic Email Attack

Social engineer an email AI agent into forwarding confidential data.

model: mistral

10
LLM02
RCE via Pickle Deserialization

Arbitrary code execution through LLM-generated pickle deserialization.

model: mistral
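
Why unpickling model-supplied bytes is code execution, as an added example (not FreakLab's lab code). Pickle lets a serialized object name any importable callable to rebuild itself, and `pickle.loads` calls it; it makes no difference whether the bytes came from a user or from a model that was prompted into producing them. The payload below calls `tempfile.mkdtemp` so its execution is visible but harmless (a real payload would name `os.system` or `subprocess.check_output`); the class and helper names are constructed for the demo. The hardened loader applies the allowlisting pattern from the Python documentation's "Restricting Globals" section, which refuses to resolve any global that is not explicitly permitted.

```python
import io
import os
import pickle
import tempfile
from typing import Any, Tuple


class Payload:
    """An object that tells pickle to rebuild it by calling a function.
    pickle will call whatever callable __reduce__ names, with these arguments."""

    def __reduce__(self):
        # Harmless stand-in for os.system: creates a temp dir as visible proof.
        return (tempfile.mkdtemp, ("_pickle_rce_demo",))


def build_malicious_pickle() -> bytes:
    # What an attacker (or a model coaxed into producing one) hands to the app.
    return pickle.dumps(Payload())


def build_benign_pickle() -> bytes:
    # What the app actually expects: plain data with no code attached.
    return pickle.dumps({"user": "alice", "scores": [1, 2, 3]})


def load_unsafe(data: bytes) -> Any:
    """Vulnerable: pickle.loads runs whatever the bytes describe."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Allowlist the globals that may be looked up while unpickling."""

    ALLOWED = {("builtins", "dict"), ("builtins", "list"), ("builtins", "set")}

    def find_class(self, module: str, name: str):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def load_restricted(data: bytes) -> Any:
    """Hardened: same bytes, but no global outside ALLOWED can be resolved,
    so the callable in the payload is never reached."""
    try:
        return RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError as exc:
        return f"blocked: {exc}"


def is_directory(value: Any) -> bool:
    """True if unpickling returned a path to a directory that now exists."""
    return isinstance(value, str) and os.path.isdir(value)


if __name__ == "__main__":
    created = load_unsafe(build_malicious_pickle())
    print("unsafe load created:", created, is_directory(created))
    os.rmdir(created)
    print(load_restricted(build_malicious_pickle()))  # blocked: global 'tempfile.mkdtemp' is forbidden
    print(load_restricted(build_benign_pickle()))     # {'user': 'alice', 'scores': [1, 2, 3]}
```

The allowlist is a mitigation, not a guarantee: every permitted class becomes attack surface, and pickle opcodes still drive object construction. When the producer is an LLM or any other untrusted party, the robust fix is to not accept pickle at all and parse a data-only format such as JSON against a schema.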

Ready to learn AI security hands-on?

Starting at $29/month. Each lab spins up a dedicated cloud instance in ~30 seconds.

View Pricing