> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enkryptai.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Attack Methods Reference

> Comprehensive guide to all attack methods available in EnkryptAI Red Teaming API V3

This page provides detailed information about all attack methods available for testing AI models. For a quick overview, see the [Quick Reference](/get-started/redteam/payload-guide#quick-reference) in the Payload Guide.

<Info>
  Before choosing attack methods, explore available tests:

  * [Foundation Model Test Catalog](/get-started/redteam/test-catalog) - Tests for foundation models and LLM-based applications
  * [Agent Test Catalog](/get-started/redteam/agent-test-catalog) - Tests for AI agents with tool use and autonomous capabilities
</Info>

## Attack Methods by Model Type

### 1. Large Language Models (LLMs) & AI Agents

**Input:** Text | **Output:** Text

#### 1.1 Direct Prompt Injection

<AccordionGroup>
  <Accordion title="basic - Raw Prompts (Baseline)">
    **Keyword:** `basic`

    **Description:** Direct injection of adversarial prompts without any obfuscation or encoding. This is the baseline attack that every test should include.

    **When to Use:**

    * Always include as your first attack method
    * Establishes baseline vulnerability assessment
    * Quick testing during development

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "basic": {"basic": {"params": {}}}
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM, VLM, ALM
  </Accordion>

  <Accordion title="iterative - Iterative Attacks (Dynamic)">
    **Keyword:** `iterative`

    **Description:** Progressive prompt refinement based on model responses. The attack adapts iteratively, learning from each response to craft increasingly effective prompts.

    **When to Use:**

    * Testing models with strong initial defenses
    * Comprehensive security assessments
    * Understanding model's resistance to adaptive attacks

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "dynamic": {
          "iterative": {
            "params": {
              "width": 5,
              "branching_factor": 9,
              "depth": 3
            }
          }
        }
      }
    }
    ```

    **Parameters:**

    * `width` (integer): Number of parallel attack paths to explore (default: 5, range: 1-10)
    * `branching_factor` (integer): Number of variations per iteration (default: 9, range: 1-15)
    * `depth` (integer): Maximum iteration depth (default: 3, range: 1-5)

    **Model Support:** LLM

    **Note:** Higher values increase thoroughness but also increase testing time and cost.
  </Accordion>

  <Accordion title="multi_turn - Multi-Turn Attacks (Dynamic)">
    **Keyword:** `multi_turn`

    **Description:** Distributes malicious intent across multiple conversation turns, exploiting the model's conversation memory to build up to harmful outputs.

    **When to Use:**

    * Testing conversational AI and chatbots
    * Assessing context window vulnerabilities
    * Evaluating memory-based attack resistance

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "dynamic": {
          "multi_turn": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="rt_agent - Red Team Agent (Dynamic)">
    **Keyword:** `rt_agent`

    **Description:** Advanced depth-first search (DFS) based red teaming agent that uses adaptive prompt generation with mutation levels. The agent progressively refines prompts through multiple levels of mutation, learning from blocked attempts to craft increasingly effective adversarial prompts.

    **When to Use:**

    * Comprehensive security assessments
    * Testing models with strong initial defenses
    * Understanding adaptive attack resistance
    * Advanced red teaming scenarios

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "dynamic": {
          "rt_agent": {
            "params": {
              "width": 5,
              "branching_factor": 9,
              "depth": 3
            }
          }
        }
      }
    }
    ```

    **Parameters:**

    * `width` (integer): Number of parallel attack paths to explore (default: 5, range: 1-10)
    * `branching_factor` (integer): Number of variations per iteration (default: 9, range: 1-15)
    * `depth` (integer): Maximum iteration depth (default: 3, range: 1-5)

    **Model Support:** LLM

    **Note:** Higher values increase thoroughness but also increase testing time and cost. The agent uses multiple mutation levels to progressively refine prompts while maintaining plausibility.
  </Accordion>

  <Accordion title="eai_attack - EAI Attack (Static)">
    **Keyword:** `eai_attack`

    **Description:** Exploit-Amplify-Iterate methodology for systematic jailbreaking using graph-based encoding techniques.

    **When to Use:**

    * Advanced security testing
    * Research-grade assessments
    * Testing sophisticated defense mechanisms

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "eai_attack": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM, VLM
  </Accordion>
</AccordionGroup>

#### 1.2 Encoding & Obfuscation Techniques

<AccordionGroup>
  <Accordion title="ascii_encoding - ASCII Encoding">
    **Keyword:** `ascii_encoding`

    **Description:** Converts characters to ASCII decimal values to evade content filters that pattern-match text.

    **Example:** "hello" → "104 101 108 108 111"

    **When to Use:**

    * Bypassing simple text-based filters
    * Testing encoding awareness
    * Combined with other techniques

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "ascii_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="base64_encoding - Base64 Encoding">
    **Keyword:** `base64_encoding`

    **Description:** Base64-encoded prompts to bypass pattern matching and content filters.

    **Example:** "attack" → "YXR0YWNr"

    **When to Use:**

    * Testing encoding robustness
    * Multi-iteration encoding for advanced evasion
    * Common bypass technique

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "base64_encoding": {
            "params": {
              "encoding_type": "base64",
              "iterations": 2
            }
          }
        }
      }
    }
    ```

    **Parameters:**

    * `encoding_type` (string): Type of encoding (default: "base64")
    * `iterations` (integer): Number of encoding iterations (default: 1, range: 1-3)

    **Model Support:** LLM

    **Note:** Higher iterations increase obfuscation but may reduce model comprehension.
  </Accordion>

  <Accordion title="binary_encoding - Binary Encoding">
    **Keyword:** `binary_encoding`

    **Description:** Represents text as binary (base-2) to obscure malicious instructions.

    **Example:** "hi" → "01101000 01101001"

    **When to Use:**

    * Testing technical encoding understanding
    * Advanced obfuscation scenarios
    * Combined attack vectors

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "binary_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="hex_encoding - Hexadecimal Encoding">
    **Keyword:** `hex_encoding`

    **Description:** Hex-encoded prompts for filter evasion using base-16 representation.

    **Example:** "test" → "74657374"

    **When to Use:**

    * Technical content filters
    * Programming-focused models
    * Combined with other encodings

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "hex_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="url_encoding - URL Encoding">
    **Keyword:** `url_encoding`

    **Description:** Percent-encoded characters to obscure intent using URL encoding standards.

    **Example:** "hack me" → "hack%20me"

    **When to Use:**

    * Web-based applications
    * URL/link processing models
    * Combined obfuscation

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "url_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="obfuscation - General Obfuscation">
    **Keyword:** `obfuscation`

    **Description:** General obfuscation techniques including character substitution, spacing manipulation, and other text transformations.

    **When to Use:**

    * First-line static attack testing
    * Complement to basic attacks
    * Standard security assessment

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "obfuscation": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM, VLM
  </Accordion>
</AccordionGroup>

#### 1.3 Cipher & Character Substitution

<AccordionGroup>
  <Accordion title="leet_encoding - Leet Speak">
    **Keyword:** `leet_encoding`

    **Description:** Alphanumeric character substitution popular in internet culture.

    **Example:** "hack" → "h4ck", "elite" → "31337"

    **When to Use:**

    * Testing character-level pattern matching
    * Social engineering contexts
    * Combined with other methods

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "leet_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="rot13_encoding - ROT13 Cipher">
    **Keyword:** `rot13_encoding`

    **Description:** Caesar cipher with 13-position character rotation (A↔N, B↔O, etc.).

    **Example:** "hello" → "uryyb"

    **When to Use:**

    * Testing cipher understanding
    * Classic obfuscation technique
    * Educational/demonstration purposes

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "rot13_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="rot21_encoding - ROT21 Cipher">
    **Keyword:** `rot21_encoding`

    **Description:** Caesar cipher with 21-position character rotation.

    **Example:** "test" → "ozno"

    **When to Use:**

    * Alternative to ROT13
    * Testing cipher detection range
    * Comprehensive cipher testing

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "rot21_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="morse_encoding - Morse Code">
    **Keyword:** `morse_encoding`

    **Description:** Represents text using Morse code dots and dashes.

    **Example:** "SOS" → "... --- ..."

    **When to Use:**

    * Unique encoding tests
    * Historical/educational contexts
    * Comprehensive encoding coverage

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "morse_encoding": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>
</AccordionGroup>

#### 1.4 Multilingual Attacks

<AccordionGroup>
  <Accordion title="lang_fr - French">
    **Keyword:** `lang_fr`

    **Description:** Prompt translation to French for filter bypass. Many content filters are optimized for English.

    **When to Use:**

    * International models
    * Testing language-specific defenses
    * Comprehensive multilingual testing

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "lang_fr": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="lang_it - Italian">
    **Keyword:** `lang_it`

    **Description:** Italian-language prompt injection to bypass English-focused filters.

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "lang_it": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="lang_hi - Hindi">
    **Keyword:** `lang_hi`

    **Description:** Hindi-language adversarial prompts, useful for testing non-Latin script handling.

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "lang_hi": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="lang_es - Spanish">
    **Keyword:** `lang_es`

    **Description:** Spanish-language attack vectors for Romance language testing.

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "lang_es": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>

  <Accordion title="lang_ja - Japanese">
    **Keyword:** `lang_ja`

    **Description:** Japanese-language jailbreak attempts, testing Asian language defenses.

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "lang_ja": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>
</AccordionGroup>

#### 1.5 Advanced Techniques

<AccordionGroup>
  <Accordion title="deep_inception - Deep Inception">
    **Keyword:** `deep_inception`

    **Description:** Nested multi-layer prompt injection using recursive context framing. Creates layered scenarios that progressively lead the model toward prohibited outputs.

    **When to Use:**

    * Advanced security research
    * Testing sophisticated safety measures
    * Comprehensive vulnerability assessment

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "deep_inception": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** LLM
  </Accordion>
</AccordionGroup>

### 2. Vision-Language Models (VLMs)

**Input:** Text + Image | **Output:** Text

#### 2.1 Visual Manipulation Attacks

<AccordionGroup>
  <Accordion title="basic - Raw Prompts for VLM">
    **Keyword:** `basic`

    **Description:** Direct adversarial prompts with unmodified images as baseline for VLM testing.

    **When to Use:**

    * Always include as baseline for VLM testing
    * Quick visual content assessment
    * Establishing VLM vulnerability baseline

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "basic": {"basic": {"params": {}}}
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM
  </Accordion>

  <Accordion title="masking - Image Masking">
    **Keyword:** `masking`

    **Description:** Strategic occlusion or masking of image regions to manipulate context and bypass visual content filters.

    **When to Use:**

    * Testing visual content moderation
    * Occlusion-based attacks
    * Combined visual-text attacks

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "masking": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM
  </Accordion>

  <Accordion title="figstep - FigStep Attack">
    **Keyword:** `figstep`

    **Description:** Figure-based step-wise adversarial attack technique that converts harmful text into typographic images, bypassing text-based safety filters. The attack uses a three-step pipeline: paraphrase (convert prohibited questions into list-format statements), typography (transform text into typographic images), and incitement (add neutral prompts to encourage response).

    **When to Use:**

    * Advanced VLM security testing
    * Multi-step visual attacks
    * Testing typographic image bypass techniques

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "figstep": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM

    **Reference:** Based on the paper "FigStep: Jailbreaking Large Vision-Language Models via Typographic Visual Prompts" - [arXiv:2311.05608](https://arxiv.org/pdf/2311.05608)
  </Accordion>

  <Accordion title="camo - CAMO (Cross-Modal Obfuscation)">
    **Keyword:** `camo`

    **Description:** Cross-modal obfuscation attack that decouples harmful text across text and image modalities. Both components appear benign independently but combine to form malicious instructions when processed together by a VLM. Supports multiple variants including basic, steganographic, multi-image, and contextual obfuscation.

    **When to Use:**

    * Advanced VLM security testing
    * Cross-modal attack assessment
    * Testing modality fusion vulnerabilities

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "camo": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM

    **Reference:** Based on the paper "Cross-Modal Obfuscation for Jailbreak Attacks on Large Vision-Language Models" - [arXiv:2506.16760](https://arxiv.org/abs/2506.16760)
  </Accordion>

  <Accordion title="fc - FC-Attack (Flowchart Attack)">
    **Keyword:** `fc`

    **Description:** Jailbreak attack using auto-generated flowcharts. The attack uses a two-stage process: first, an LLM generates harmful steps from the query, then a flowchart image is created from these steps. The VLM analyzes the flowchart and provides detailed harmful guidance, bypassing safety filters through visual representation.

    **When to Use:**

    * Advanced VLM security testing
    * Flowchart-based attack assessment
    * Multi-step visual attack scenarios

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "dynamic": {
          "fc": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM

    **Reference:** Based on the paper "FC-Attack: Jailbreaking Multimodal Large Language Models via Auto-Generated Flowcharts" - [arXiv:2502.21059](https://arxiv.org/abs/2502.21059)
  </Accordion>
</AccordionGroup>

#### 2.2 Coming Soon

<AccordionGroup>
  <Accordion title="hades - HADES (Coming Soon)">
    **Keyword:** `hades`

    **Description:** Advanced visual jailbreak methodology using sophisticated image perturbation techniques. This attack leverages image-based prompts to bypass text-based safety filters.

    **When to Use:**

    * Advanced VLM security research
    * Image-based jailbreak testing
    * Requires special access

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "hades": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM

    **Note:** 🔒 Coming Soon. Contact [hello@enkryptai.com](mailto:hello@enkryptai.com) for access.
  </Accordion>

  <Accordion title="jood - JOOD (Coming Soon)">
    **Keyword:** `jood`

    **Description:** Joint Out-of-Distribution attack leveraging distributional shifts in both visual and textual modalities to bypass safety mechanisms.

    **When to Use:**

    * Research and academic testing
    * OOD robustness evaluation
    * Requires special access

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "dynamic": {
          "jood": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** VLM

    **Note:** 🔒 Coming Soon. Contact [hello@enkryptai.com](mailto:hello@enkryptai.com) for access.
  </Accordion>
</AccordionGroup>

### 3. Audio-Language Models (ALMs)

**Input:** Text + Audio | **Output:** Text

#### 3.1 Audio-Based Attacks

<AccordionGroup>
  <Accordion title="basic - Raw Prompts for ALM">
    **Keyword:** `basic`

    **Description:** Direct adversarial prompts with audio input as baseline for ALM testing.

    **When to Use:**

    * Always include as baseline for ALM testing
    * Quick audio content assessment
    * Establishing ALM vulnerability baseline

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "basic": {"basic": {"params": {}}}
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>

  <Accordion title="waveform - Waveform Manipulation">
    **Keyword:** `waveform`

    **Description:** Audio waveform modification to bypass safety guardrails through signal processing techniques.

    **When to Use:**

    * Testing audio content moderation
    * Signal-level attack testing
    * Comprehensive ALM security

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "waveform": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>

  <Accordion title="echo - Echo Effect">
    **Keyword:** `echo`

    **Description:** Echo-based audio manipulation to obscure or modify harmful audio content.

    **When to Use:**

    * Audio obfuscation testing
    * Environmental effect bypass
    * Combined audio attacks

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "echo": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>

  <Accordion title="speed - Speed Alteration">
    **Keyword:** `speed`

    **Description:** Audio speed modification techniques (faster/slower playback) to bypass detection.

    **When to Use:**

    * Temporal manipulation testing
    * Rate-based evasion
    * Audio processing robustness

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "speed": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>

  <Accordion title="pitch - Pitch Shifting">
    **Keyword:** `pitch`

    **Description:** Pitch modification for audio obfuscation while maintaining intelligibility.

    **When to Use:**

    * Frequency-based evasion
    * Voice transformation testing
    * Audio filter bypass

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "pitch": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>

  <Accordion title="reverb - Reverb Effect">
    **Keyword:** `reverb`

    **Description:** Reverb-based audio manipulation to obscure content through spatial effects.

    **When to Use:**

    * Environmental audio testing
    * Spatial effect evasion
    * Combined audio techniques

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "reverb": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>

  <Accordion title="noise - Noise Injection">
    **Keyword:** `noise`

    **Description:** Background noise injection techniques to obscure harmful content while maintaining comprehension.

    **When to Use:**

    * Noise robustness testing
    * SNR-based evasion
    * Real-world audio scenarios

    **Configuration:**

    ```json theme={"system"}
    {
      "attack_methods": {
        "static": {
          "noise": {"params": {}}
        }
      }
    }
    ```

    **Parameters:** None

    **Model Support:** ALM
  </Accordion>
</AccordionGroup>

## Attack Method Combinations

### Recommended Combinations

#### Starter Combination (Quick Testing)

```json theme={"system"}
{
  "attack_methods": {
    "basic": {"basic": {"params": {}}}
  }
}
```

#### Standard Combination (Balanced)

```json theme={"system"}
{
  "attack_methods": {
    "basic": {"basic": {"params": {}}},
    "static": {
      "obfuscation": {"params": {}},
      "base64_encoding": {"params": {"encoding_type": "base64", "iterations": 1}}
    }
  }
}
```

#### Advanced Combination (Comprehensive)

```json theme={"system"}
{
  "attack_methods": {
    "basic": {"basic": {"params": {}}},
    "static": {
      "obfuscation": {"params": {}},
      "base64_encoding": {"params": {"encoding_type": "base64", "iterations": 2}},
      "lang_es": {"params": {}},
      "eai_attack": {"params": {}}
    },
    "dynamic": {
      "iterative": {
        "params": {
          "width": 5,
          "branching_factor": 9,
          "depth": 3
        }
      },
      "multi_turn": {"params": {}},
      "rt_agent": {
        "params": {
          "width": 5,
          "branching_factor": 9,
          "depth": 3
        }
      }
    }
  }
}
```

## Best Practices

<CardGroup cols={2}>
  <Card title="Start Simple" icon="rocket">
    Always begin with `basic` attacks to establish a baseline before adding complexity.
  </Card>

  <Card title="Progressive Testing" icon="layer-group">
    Gradually add static, then dynamic attacks as you understand your model's vulnerabilities.
  </Card>

  <Card title="Match Your Model" icon="crosshairs">
    Choose attack methods appropriate for your model type (LLM, VLM, or ALM).
  </Card>

  <Card title="Consider Cost" icon="coins">
    Dynamic attacks (iterative, multi\_turn) are more resource-intensive but more thorough.
  </Card>
</CardGroup>

## Related Pages

* [Payload Guide](/get-started/redteam/payload-guide) - Overview and quick reference
* [Test Catalogs](/get-started/redteam/test-catalog) - Comprehensive test catalogs for foundation models and agents
* [Configuration Reference](/get-started/redteam/configuration-reference) - Detailed configuration options
* [Examples](/get-started/redteam/examples) - Complete payload examples