Offsec ML Playbook

A database of offensive ML TTP’s, broken down by supply chain attacks, offensive ML techniques and adversarial ML. The playbook aims to simplify the decision making process of targetting ML in an organization.

Want to poison an LLM’s ground truths? We can do that. Want to put malware in a model and work out how to distribute it? We got the former and the latter. – Multiple ways!

Want to understand the state-of-the-art in Offsec ML flywheels, droppers and obfuscators?

Or maybe hit an LLM via API endpoint with a repeated character sequences attack? We got that too.

gif of graph in action

What’s next?

More verified TTPs, more PoCs. The supply chain section is the most fleshed out right now, and the second prioirity is the offsec TTPs.

Better graphing, right now the graphing on my local works differently to when published:

Expect to see movement in MLops TTPs and more Supply chain attacks and methods for payload distribution by December ‘23.

More Data

The repo’d copy has more data, namely properties like transferability (True, False, N/A) which tell a really important story; does the listed technique work on other ML models? Soon this will be available in the graph.

Enjoy!