# Enkrypt AI Red Teaming

> Comprehensive security testing for AI models, agents, and applications

<img className="block dark:hidden" src="https://mintcdn.com/enkryptai-42/rjcjkOmgLVUKmbck/images/hero-light.svg?fit=max&auto=format&n=rjcjkOmgLVUKmbck&q=85&s=cb525af5f0c7d625ee2691503cf22105" alt="Hero Light" width="56" height="83" data-path="images/hero-light.svg" />

<img className="hidden dark:block" src="https://mintcdn.com/enkryptai-42/rjcjkOmgLVUKmbck/images/hero-dark.svg?fit=max&auto=format&n=rjcjkOmgLVUKmbck&q=85&s=a6a43c26e9f7f91380bef48768ba5410" alt="Hero Dark" width="56" height="83" data-path="images/hero-dark.svg" />

## What is AI Red Teaming?

AI Red Teaming is a proactive security testing methodology that simulates adversarial attacks against AI systems to identify vulnerabilities before they can be exploited. EnkryptAI's Red Teaming platform provides automated, comprehensive testing across multiple risk categories and attack vectors.

## Key Features

<CardGroup cols={2}>
  <Card title="Multi-Modal Testing" icon="layer-group">
    Test LLMs, Vision-Language Models (VLMs), and Audio-Language Models (ALMs) with specialized attack methods for each modality.
  </Card>

  <Card title="30+ Attack Methods" icon="sword">
    From basic prompt injection to advanced techniques like iterative attacks, encoding, obfuscation, and multi-turn conversations.
  </Card>

  <Card title="31 Risk Categories" icon="shield-halved">
    Comprehensive testing across bias, toxicity, PII, harmful content, CBRN, misinformation, and more.
  </Card>

  <Card title="Agent-Specific Tests" icon="robot">
    Specialized tests for AI agents including tool misuse, access control, and behavior analysis.
  </Card>
</CardGroup>

## Getting Started

<Steps>
  <Step title="Review the Quickstart">
    Get up and running quickly with your first red team test.

    [Go to Quickstart →](/get-started/redteam/quickstart)
  </Step>

  <Step title="Explore Test Catalogs">
    Understand what tests are available for your model type (foundation models or AI agents).

    * [Foundation Model Test Catalog →](/get-started/redteam/test-catalog)
    * [Agent Test Catalog →](/get-started/redteam/agent-test-catalog)
  </Step>

  <Step title="Build Your Payload">
    Learn the payload structure and how to configure tests and attack methods.

    [Payload Guide →](/get-started/redteam/payload-guide)
  </Step>

  <Step title="Choose Attack Methods">
    Explore the 30+ attack methods available for different model types.

    [Attack Methods Reference →](/get-started/redteam/attack-methods-reference)
  </Step>

  <Step title="Reference Configuration">
    Get detailed information about all configuration options.

    [Configuration Reference →](/get-started/redteam/configuration-reference)
  </Step>

  <Step title="Use Examples">
    Copy and adapt ready-to-use examples for your specific use case.

    [Browse Examples →](/get-started/redteam/examples)
  </Step>
</Steps>

## Available Test Categories

For comprehensive catalogs of all tests with detailed descriptions, categories, sample prompts, and configuration examples:

* [Foundation Model Test Catalog](/get-started/redteam/test-catalog) - Tests for foundation models and LLM-based applications
* [Agent Test Catalog](/get-started/redteam/agent-test-catalog) - Tests for AI agents with tool use and autonomous capabilities

### Standard Tests (12 tests)

Tests available for all AI systems to identify common security vulnerabilities:

<AccordionGroup>
  <Accordion title="Bias Test" icon="scale-unbalanced">
    **Keyword:** `bias_test`

    Identifies and exposes biased outputs based on protected attributes like race, gender, age, religion, and nationality.

    **Example Use Cases:**

    * HR chatbots
    * Loan approval systems
    * Content recommendation engines
  </Accordion>

  <Accordion title="Harmful Content Test" icon="triangle-exclamation">
    **Keyword:** `harmful_test`

    Elicits responses that promote harm or danger to individuals or groups.

    **Example Use Cases:**

    * Customer-facing chatbots
    * Educational AI tutors
    * Mental health applications
  </Accordion>

  <Accordion title="Toxicity Test" icon="skull">
    **Keyword:** `toxicity_test`

    Probes whether the model can be made to generate harmful or offensive content, including hate speech, profanity, and discriminatory language.

    **Example Use Cases:**

    * Social media moderation
    * Community forums
    * Gaming chat systems
  </Accordion>

  <Accordion title="PII Exposure Test" icon="user-lock">
    **Keyword:** `pii_test`

    Tests whether the model exposes personally identifiable information (PII) that should remain private.

    **Example Use Cases:**

    * Healthcare applications (HIPAA)
    * Financial services (PCI-DSS)
    * Customer support systems
  </Accordion>

  <Accordion title="CBRN Test" icon="biohazard">
    **Keyword:** `cbrn_test`

    Probes for vulnerabilities in the chemical, biological, radiological, and nuclear (CBRN) domains.

    **Example Use Cases:**

    * Scientific research assistants
    * Educational platforms
    * General-purpose chatbots
  </Accordion>

  <Accordion title="CSEM Test" icon="hand">
    **Keyword:** `csem_test`

    Tests for child sexual exploitation vulnerabilities (CSEM: Child Sexual Exploitation Material).

    **Example Use Cases:**

    * Platforms serving minors
    * Educational applications
    * Family-oriented services
  </Accordion>

  <Accordion title="Insecure Code Test" icon="code">
    **Keyword:** `insecure_code_test`

    Tests whether the model produces insecure or harmful code snippets containing security vulnerabilities.

    **Example Use Cases:**

    * Code generation tools
    * AI pair programmers
    * Educational coding assistants
  </Accordion>

  <Accordion title="Copyright Test" icon="copyright">
    **Keyword:** `copyright_test`

    Tests whether the model reproduces copyrighted material.

    **Example Use Cases:**

    * Content generation platforms
    * Writing assistants
    * Creative AI tools
  </Accordion>

  <Accordion title="Misinformation Test" icon="circle-info">
    **Keyword:** `misinformation_test`

    Tests the model's tendency to generate false or misleading information.

    **Example Use Cases:**

    * News summarization
    * Educational content
    * Medical information systems
  </Accordion>

  <Accordion title="System Prompt Extraction Test" icon="file-code">
    **Keyword:** `system_prompt_extractions_test`

    Attempts to extract the system prompt or internal instructions.

    **Example Use Cases:**

    * Proprietary AI systems
    * Custom-trained models
    * Enterprise chatbots
  </Accordion>

  <Accordion title="Sponge Attack Test" icon="hourglass">
    **Keyword:** `sponge_test`

    Tests whether the model can be driven into infinite loops or resource exhaustion (sponge attacks).

    **Example Use Cases:**

    * Production API endpoints
    * Rate-limited services
    * Cloud-based AI systems
  </Accordion>

  <Accordion title="Competitor Information Test" icon="building">
    **Keyword:** `competitor_test`

    Attempts to extract information about competitors.

    **Example Use Cases:**

    * Business chatbots
    * Sales assistants
    * Competitive intelligence systems
  </Accordion>
</AccordionGroup>

### Custom Tests

<Accordion title="Custom Dataset Test" icon="database">
  **Keyword:** `custom_test`

  Test with your own custom-generated dataset tailored to your specific domain and use case.

  **When to Use:**

  * Domain-specific applications (healthcare, legal, finance)
  * Unique business requirements
  * Specialized security concerns

  [Learn how to create custom datasets →](/get-started/redteam/configuration-reference#dataset-configuration)
</Accordion>

### Specialized Adversarial Tests (6 tests)

Advanced tests using generated adversarial datasets:

<Tabs>
  <Tab title="Adversarial Bias">
    **Keyword:** `adv_bias_test`

    Uncover biased outputs through sophisticated adversarial methods.
  </Tab>

  <Tab title="Adversarial Info">
    **Keyword:** `adv_info_test`

    Extract sensitive or unintended information using advanced techniques.
  </Tab>

  <Tab title="Adversarial Persona">
    **Keyword:** `adv_persona_test`

    Adversarial persona manipulation and identity spoofing attacks.
  </Tab>

  <Tab title="Adversarial Command">
    **Keyword:** `adv_command_test`

    Manipulate the model to execute unintended commands.
  </Tab>

  <Tab title="Adversarial PII">
    **Keyword:** `adv_pii_test`

    Expose personally identifiable information through advanced attacks.
  </Tab>

  <Tab title="Adversarial Competitor">
    **Keyword:** `adv_competitor_test`

    Extract confidential competitor information using sophisticated methods.
  </Tab>
</Tabs>

### Agentic Tests (8 tests)

Specialized tests for AI agents with tool use and autonomous capabilities:

<AccordionGroup>
  <Accordion title="Governance Test" icon="gavel">
    **Keyword:** `governance_test`

    Testing the alignment and governance of the model, including goal misalignment and policy drift detection.

    **When to Use:** AI agents with autonomous decision-making capabilities
  </Accordion>

  <Accordion title="Agent Output Quality Test" icon="square-check">
    **Keyword:** `agent_output_quality_test`

    Testing the quality of the agent's output including hallucinations, bias, and toxicity in multi-turn workflows.

    **When to Use:** Multi-agent systems, agents with extended conversations
  </Accordion>

  <Accordion title="Tool Misuse Test" icon="wrench">
    **Keyword:** `tool_misuse_test`

    Testing the misuse of the model's tools and capabilities including API integration issues, supply chain vulnerabilities, and resource consumption.

    **When to Use:** Agents with external tool access, API integrations
  </Accordion>

  <Accordion title="Privacy Test" icon="user-shield">
    **Keyword:** `privacy_test`

    Testing privacy protections and data handling including sensitive data exposure and exfiltration channels.

    **When to Use:** Agents handling sensitive or personal data
  </Accordion>

  <Accordion title="Reliability and Observability Test" icon="chart-line">
    **Keyword:** `reliability_and_observability_test`

    Testing the reliability and observability of agent operations including data poisoning, concept drift, and opaque reasoning.

    **When to Use:** Production agents requiring auditability and traceability
  </Accordion>

  <Accordion title="Agent Behaviour Test" icon="user-gear">
    **Keyword:** `agent_behaviour_test`

    Testing the behaviour patterns and decision-making of the agent including human manipulation and unsafe actuation.

    **When to Use:** Agents with human interaction or physical/digital actuation capabilities
  </Accordion>

  <Accordion title="Access Control and Permissions Test" icon="key">
    **Keyword:** `access_control_and_permissions_test`

    Testing access control and permissions enforcement including credential theft, privilege escalation, and confused deputy attacks.

    **When to Use:** Agents with privileged access to systems or data
  </Accordion>

  <Accordion title="Tool Extraction Test" icon="toolbox">
    **Keyword:** `tool_extraction_test`

    Tests whether information about the agent's tools can be extracted from its outputs, revealing internal capabilities and configurations.

    **When to Use:** Agents with proprietary or sensitive tool configurations
  </Accordion>
</AccordionGroup>

<Card title="Agent Test Catalog" icon="list-check" href="/get-started/redteam/agent-test-catalog">
  Comprehensive catalog of all agent tests with descriptions, categories, sample prompts, and configuration requirements
</Card>

## Attack Methods Overview

### Basic & Static Attacks

<CardGroup cols={3}>
  <Card title="Basic Prompts" icon="text">
    Direct adversarial prompts without obfuscation (baseline testing)
  </Card>

  <Card title="Encoding" icon="binary">
    9 encoding methods: Base64, Hex, ASCII, Binary, URL, Leet, Morse, ROT13, ROT21
  </Card>

  <Card title="Obfuscation" icon="masks-theater">
    Character substitution, EAI attacks, and general obfuscation techniques
  </Card>

  <Card title="Multilingual" icon="language">
    5 languages: French, Italian, Hindi, Spanish, Japanese
  </Card>

  <Card title="Visual" icon="image">
    Image masking, FigStep, HADES, JOOD for vision models
  </Card>

  <Card title="Audio" icon="waveform-lines">
    Waveform, echo, speed, pitch, reverb, noise for audio models
  </Card>
</CardGroup>

### Model-Specific Attacks

<CardGroup cols={2}>
  <Card title="Diffusion Model Attacks" icon="paint-brush">
    Coming Soon: Prompt injection for harmful image generation, bias amplification, copyright violations, NSFW content bypass
  </Card>

  <Card title="Audio Output Attacks" icon="microphone">
    Coming Soon: Voice cloning attacks, harmful audio generation, bias in speech synthesis, deepfake audio creation
  </Card>
</CardGroup>

### Dynamic Attacks

* **Iterative Attacks**: Progressive prompt refinement based on model responses
* **Multi-Turn Attacks**: Distributing malicious intent across conversation history

### Advanced Techniques

* **Deep Inception**: Nested multi-layer prompt injection using recursive context framing

[Explore all attack methods in detail →](/get-started/redteam/attack-methods-reference)

## Model Support

<Tabs>
  <Tab title="LLM (Text-to-Text)">
    **Supported Models:**

    * OpenAI (GPT-4o, GPT-4o-mini, GPT-3.5-turbo)
    * Anthropic (Claude 3.5 Sonnet, Claude 3 Opus)
    * Google (Gemini Pro, Gemini Flash)
    * Meta (Llama models)
    * Mistral, Groq, and more

    **Attack Methods:** 20+ methods including encoding, obfuscation, multilingual, dynamic attacks
  </Tab>

  <Tab title="VLM (Image+Text)">
    **Supported Models:**

    * GPT-4o with vision
    * Claude 3.5 Sonnet and many more

    **Attack Methods:** Visual manipulation, masking, FigStep, HADES, JOOD, plus text-based attacks
  </Tab>

  <Tab title="ALM (Audio+Text)">
    **Supported Models:**

    * Gemini 2.5 Flash and many more

    **Attack Methods:** Waveform manipulation, pitch shifting, speed alteration, echo, reverb, noise injection
  </Tab>

  <Tab title="AI Agents">
    **Supported Frameworks:**

    * Custom agent implementations
    * LangChain-based agents
    * AutoGPT-style agents

    **Special Tests:** 8 agentic-specific tests for tool use, access control, behavior analysis
  </Tab>

  <Tab title="Coming Soon">
    **Diffusion Models (Image Output):**

    * DALL-E 3, Midjourney, Stable Diffusion
    * Adobe Firefly, RunwayML

    **Audio Output Models:**

    * Custom TTS models

    **Planned Attack Methods:** Prompt injection for harmful image generation, voice cloning attacks, bias amplification
  </Tab>
</Tabs>

## Use Cases by Industry

<AccordionGroup>
  <Accordion title="Healthcare" icon="hospital">
    **Critical Tests:**

    * PII Test (HIPAA compliance)
    * Misinformation Test (medical accuracy)
    * Harmful Content Test (patient safety)

    **Example:** Testing a medical chatbot to ensure it doesn't leak patient data or provide dangerous medical advice.

    [View Healthcare Example →](/get-started/redteam/examples#example-13-healthcare-chatbot)
  </Accordion>

  <Accordion title="Financial Services" icon="building-columns">
    **Critical Tests:**

    * PII Test (PCI-DSS, financial data)
    * Competitor Test (proprietary information)
    * Bias Test (fair lending)

    **Example:** Testing a banking assistant to prevent unauthorized access to account information.

    [View Banking Example →](/get-started/redteam/examples#example-12-generated-dataset-with-custom-test)
  </Accordion>

  <Accordion title="Education" icon="graduation-cap">
    **Critical Tests:**

    * CSEM Test (child safety)
    * Bias Test (fair education)
    * Harmful Content Test (age-appropriate content)

    **Example:** Testing an AI tutor to ensure safe, unbiased educational support for students.

    [View Education Example →](/get-started/redteam/examples#example-14-education-platform)
  </Accordion>

  <Accordion title="Enterprise & Business" icon="briefcase">
    **Critical Tests:**

    * System Prompt Extraction (IP protection)
    * Competitor Test (confidential information)
    * Tool Misuse Test (for agents)

    **Example:** Testing a business agent to prevent unauthorized tool use or information leakage.
  </Accordion>
</AccordionGroup>

## Documentation Guide

<CardGroup cols={2}>
  <Card title="Quickstart" icon="rocket" href="/get-started/redteam/quickstart">
    Get your first red team test running in minutes
  </Card>

  <Card title="Test Catalogs" icon="list-check" href="/get-started/redteam/test-catalog">
    Foundation model and agent test catalogs with detailed descriptions
  </Card>

  <Card title="Payload Guide" icon="map" href="/get-started/redteam/payload-guide">
    Overview and quick reference for building payloads
  </Card>

  <Card title="Attack Methods" icon="sword" href="/get-started/redteam/attack-methods-reference">
    Comprehensive guide to all 30+ attack methods
  </Card>

  <Card title="Configuration" icon="sliders" href="/get-started/redteam/configuration-reference">
    Complete reference for all configuration options
  </Card>

  <Card title="Examples" icon="code" href="/get-started/redteam/examples">
    14+ ready-to-use payload examples
  </Card>

  <Card title="API Reference" icon="book" href="/api-reference/redteam-api-reference/endpoint/v3-add-custom-task">
    Complete API specification and endpoints
  </Card>
</CardGroup>

## Why Red Team Your AI?

<Steps>
  <Step title="Identify Vulnerabilities Early">
    Discover security issues before they're exploited in production. Proactive testing saves time, money, and reputation.
  </Step>

  <Step title="Meet Compliance Requirements">
    Demonstrate due diligence for regulations like GDPR, HIPAA, PCI-DSS, and emerging AI governance frameworks.
  </Step>

  <Step title="Build User Trust">
    Show your commitment to AI safety and security. Users trust systems that have been rigorously tested.
  </Step>

  <Step title="Continuous Improvement">
    Regular red teaming helps you track security improvements over time as you update your models and prompts.
  </Step>
</Steps>

## Getting Help

<CardGroup cols={2}>
  <Card title="Schedule a Demo" icon="calendar" href="https://www.enkryptai.com/request-a-demo">
    Get personalized guidance on red teaming your AI systems
  </Card>

  <Card title="Join Community" icon="users" href="https://x.com/enkryptai">
    Connect with other AI security professionals
  </Card>

  <Card title="API Documentation" icon="book-open" href="/api-reference/introduction">
    Explore our complete API documentation
  </Card>

  <Card title="Contact Support" icon="envelope" href="https://enkryptai.com">
    Get help with your red teaming implementation
  </Card>
</CardGroup>

***

Ready to start testing? [Head to the Quickstart →](/get-started/redteam/quickstart)
