The structured attack catalog, defensive testing suite, and hands-on training labs that LLM security professionals actually need. Think MITRE ATT&CK meets HackTheBox.
Join 1,847 security professionals already on the list
THE PLATFORM
Three layers that compound: know the attacks, test your defenses, train your team.
412 classified jailbreak techniques with severity scoring, affected models, detection signatures, and mitigations. Structured like MITRE ATT&CK, updated weekly.
Point at your LLM API endpoint. Run curated attack suites. Get a security report with specific vulnerabilities and mitigations. PDF, JSON, and SARIF export.
Hands-on labs in sandboxed environments. Attack labs, defense labs, incident response scenarios. Progressive difficulty. Verifiable credentials.
ATTACK CATALOG
Every technique classified by severity, affected models, detection signatures, and proven mitigations. The catalog is structured, searchable, and cross-referenced — not a blog post that goes stale.
Full reproduction steps for authenticated users with verified security credentials. Detection signatures and mitigations are public — defense-first for everyone.
When an LLM has access to tools with parameterized inputs, user-supplied content can be passed directly into tool parameters without sanitization. This enables classical injection attacks (SQL, shell) with the LLM acting as the intermediary.
Affected Models
Detection Signatures
· Tool calls containing SQL/shell metacharacters
· User message → tool param content overlap
· Anomalous tool parameter length/entropy
Mitigations
· Parameterized queries for all tool inputs
· Tool input validation layer (type + format)
· Output monitoring for injection indicators
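The entry above lists three detection signatures and three mitigations for tool-parameter injection. The following is an added example, not code from the catalog or the Defender, that implements them against a constructed tool-call record: a `inspect_tool_call` gate that flags SQL/shell metacharacters, user-message to parameter overlap, and anomalous length or entropy, next to a vulnerable string-built SQL tool and its parameterized, type-validated replacement. The record shape (`user_msg`, `tool_name`, `params`), the function names, the thresholds and the in-memory SQLite table are all assumptions made for the example.

```python
import math
import re
import sqlite3

# --- Detection signatures (assumed patterns and thresholds, not the catalog's) ---

# SQL metacharacters / keywords an LLM-forwarded string should never carry
SQL_META = re.compile(r"(--|;|/\*|\*/|'|\bUNION\b)", re.IGNORECASE)
# Shell metacharacters: command separators, pipes, backticks, $(...), redirects
SHELL_META = re.compile(r"[;&|`$<>]|\$\(")


def shannon_entropy(s: str) -> float:
    """Bits per character; high values suggest encoded or random payloads."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def overlap_ratio(user_msg: str, param: str, n: int = 4) -> float:
    """Fraction of the parameter's character n-grams that also occur verbatim
    in the user message: near 1.0 means the model copied user text straight
    into the tool argument."""
    grams = {param[i:i + n] for i in range(len(param) - n + 1)}
    if not grams:
        return 0.0
    hits = sum(1 for g in grams if g in user_msg)
    return hits / len(grams)


def inspect_tool_call(user_msg: str, tool_name: str, params: dict,
                      max_len: int = 64, max_entropy: float = 4.5) -> list:
    """Return a list of 'param: signature' findings for one tool call."""
    findings = []
    for name, value in params.items():
        if not isinstance(value, str):
            continue
        if SQL_META.search(value):
            findings.append(f"{name}: sql-metacharacters")
        if SHELL_META.search(value):
            findings.append(f"{name}: shell-metacharacters")
        # Short identifiers overlap trivially; only score longer values
        if len(value) >= 8 and overlap_ratio(user_msg, value) >= 0.8:
            findings.append(f"{name}: user-message-overlap")
        if len(value) > max_len or shannon_entropy(value) > max_entropy:
            findings.append(f"{name}: anomalous-length-or-entropy")
    return findings


# --- Mitigation: parameterized query plus a type/format validation layer ---

def build_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for a real orders database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE orders (id INTEGER, customer TEXT, total REAL)")
    conn.executemany("INSERT INTO orders VALUES (?, ?, ?)",
                     [(1, "alice", 10.0), (2, "bob", 20.0)])
    return conn


def lookup_orders_vulnerable(conn: sqlite3.Connection, customer: str) -> list:
    """Vulnerable tool: the LLM-forwarded parameter is spliced into SQL text,
    so whatever the user typed becomes part of the query."""
    sql = f"SELECT id, customer FROM orders WHERE customer = '{customer}'"
    return conn.execute(sql).fetchall()


def lookup_orders_safe(conn: sqlite3.Connection, customer: str) -> list:
    """Hardened tool: validate type and format first, then bind the value as
    a query parameter so it can only ever be data, never SQL."""
    if not isinstance(customer, str) or not re.fullmatch(r"[a-z0-9_]{1,32}", customer):
        raise ValueError("customer must be a short lowercase identifier")
    return conn.execute(
        "SELECT id, customer FROM orders WHERE customer = ?", (customer,)
    ).fetchall()


if __name__ == "__main__":
    conn = build_db()
    # Constructed user message in which the tool argument was copied verbatim
    msg = "Show orders for customer alice' OR '1'='1"
    params = {"customer": "alice' OR '1'='1"}
    print("findings:", inspect_tool_call(msg, "lookup_orders", params))
    print("vulnerable:", lookup_orders_vulnerable(conn, params["customer"]))
    try:
        lookup_orders_safe(conn, params["customer"])
    except ValueError as e:
        print("safe tool rejected input:", e)
```

The gate is meant to sit between the model's tool-call output and the tool dispatcher, logging findings for monitoring rather than silently dropping calls; the parameterized tool is the control that actually removes the injection, and the validation regex is where a deployment would encode the real allowed format of each argument.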
DEFENDER
Point the Defender at your LLM API. It runs curated attack suites — not raw prompt spam, but intelligent, staged tests modeled on real-world jailbreak techniques. Every finding links back to the catalog with specific mitigations.
HOW IT WORKS
Explore 412 classified techniques by category, model, or severity. Understand the attack surface before you test it.
Run curated attack suites against your LLM API. Get actionable findings with specific mitigations. CI/CD integration available.
Hands-on labs in sandboxed environments. Your team learns by attacking and defending real LLM deployments. Earn verifiable credentials.
FAQ
Yes. The Defender tool runs against endpoints you own and authorize. Catalog techniques are published under responsible disclosure. We follow CVE-equivalent processes.
Detection signatures and mitigations are public. Full reproduction steps require authenticated access with verified security professional credentials.
All major commercial LLMs (GPT-4, Claude, Gemini, Llama, Mistral) plus model-agnostic techniques. The catalog is model-aware — filter by what you deploy.
OWASP gives you 10 risk categories. We give you 412 specific techniques with reproduction steps, detection signatures, and hands-on labs. It’s the difference between knowing SQL injection is a risk and knowing exactly how to find and fix it.
Team plans include shared dashboards, assigned training paths, and Defender scans for your production endpoints. Enterprise plans add SSO and self-hosted scanning.
Weekly. New techniques are indexed from research papers, responsible disclosures, and community submissions. Monthly ‘State of Jailbreaking’ report tracks trends.
JailbreakingSite is building the security resource LLM teams actually need. Get early access and shape the platform.
Founding members get lifetime access to the Pro catalog