Documentation
¶
Overview ¶
Package common provides shared types and utilities for all attack modules. This package consolidates duplicated definitions that previously existed independently in injection, jailbreak, orchestration, multimodal, and other attack packages.
Index ¶
- func ContainsAnyInsensitive(text string, keywords []string) bool
- func ContainsInsensitive(text, substr string) bool
- func GenerateAttackID() string
- func RandInt(max int) int
- type AttackCategory
- type AttackConfig
- type AttackResult
- type Logger
- type Message
- type NopLogger
- type Provider
- type SimpleLogger
- type TechniqueInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ContainsAnyInsensitive ¶
ContainsAnyInsensitive checks if text contains any of the keywords (case-insensitive).
func ContainsInsensitive ¶
ContainsInsensitive checks if text contains substr (case-insensitive).
func GenerateAttackID ¶
func GenerateAttackID() string
GenerateAttackID generates a unique identifier for an attack.
Types ¶
type AttackCategory ¶
type AttackCategory string
AttackCategory categorizes attack modules by domain.
const ( CategoryInjection AttackCategory = "injection" CategoryJailbreak AttackCategory = "jailbreak" CategoryOrchestration AttackCategory = "orchestration" CategoryEvasion AttackCategory = "evasion" CategoryExtraction AttackCategory = "extraction" CategoryMultimodal AttackCategory = "multimodal" CategoryPersistence AttackCategory = "persistence" CategoryExfiltration AttackCategory = "exfiltration" CategorySupplyChain AttackCategory = "supply_chain" CategoryRAG AttackCategory = "rag" CategoryAgentic AttackCategory = "agentic" CategoryAudio AttackCategory = "audio" CategoryReasoning AttackCategory = "reasoning" CategoryAdaptive AttackCategory = "adaptive" )
type AttackConfig ¶
type AttackConfig struct {
// Target configuration
Technique string `json:"technique"`
Payload string `json:"payload"`
Objective string `json:"objective"`
MaxAttempts int `json:"max_attempts"`
Timeout time.Duration `json:"timeout"`
// Provider settings
ProviderName string `json:"provider_name"`
Model string `json:"model"`
// Context
SystemPrompt string `json:"system_prompt"`
History []Message `json:"history"`
// Success criteria
SuccessIndicators []string `json:"success_indicators"`
// Advanced options
UseMutation bool `json:"use_mutation"`
MutationRate float64 `json:"mutation_rate"`
UseObfuscation bool `json:"use_obfuscation"`
// Cost control
MaxCostUSD float64 `json:"max_cost_usd"`
// Metadata
Context map[string]interface{} `json:"context,omitempty"`
Metadata map[string]string `json:"metadata,omitempty"`
}
AttackConfig configures an attack execution.
func (AttackConfig) CostExceeded ¶
func (c AttackConfig) CostExceeded(accumulatedCost float64) bool
CostExceeded reports whether accumulatedCost has reached the configured ceiling. Returns false if no ceiling is set (MaxCostUSD <= 0).
type AttackResult ¶
type AttackResult struct {
// Identification
ID string `json:"id"`
Timestamp time.Time `json:"timestamp"`
// Attack details
Technique string `json:"technique"`
Payload string `json:"payload"`
// Results
Success bool `json:"success"`
Confidence float64 `json:"confidence"`
Response string `json:"response"`
// Metrics
AttemptCount int `json:"attempt_count"`
Duration time.Duration `json:"duration"`
TokensUsed int `json:"tokens_used"`
CostUSD float64 `json:"cost_usd"`
// Analysis
SuccessFactors []string `json:"success_factors,omitempty"`
FailureReasons []string `json:"failure_reasons,omitempty"`
SuggestedFollowup string `json:"suggested_followup,omitempty"`
// Metadata
Metadata map[string]interface{} `json:"metadata,omitempty"`
}
AttackResult contains the outcome of an attack execution.
type Logger ¶
type Logger interface {
Debug(msg string, keysAndValues ...interface{})
Info(msg string, keysAndValues ...interface{})
Warn(msg string, keysAndValues ...interface{})
Error(msg string, keysAndValues ...interface{})
}
Logger defines the structured logging interface used by attack modules.
type Message ¶
type Message struct {
Role string `json:"role"`
Content string `json:"content"`
Timestamp time.Time `json:"timestamp,omitempty"`
Metadata map[string]interface{} `json:"metadata,omitempty"`
}
Message represents a conversation message exchanged with an LLM.
type NopLogger ¶
type NopLogger struct{}
NopLogger is a Logger that discards all output. Useful for testing.
type Provider ¶
type Provider interface {
// Query sends messages to the LLM and returns the response text.
Query(ctx context.Context, messages []Message, options map[string]interface{}) (string, error)
// GetName returns the provider name (e.g., "openai", "anthropic").
GetName() string
// GetModel returns the model identifier (e.g., "gpt-4", "claude-3").
GetModel() string
// GetTokenCount returns the approximate token count for the given text.
GetTokenCount(text string) int
}
Provider is the interface for LLM providers used by attack modules. This is a simplified facade over the full core.Provider interface, providing only the methods that attack modules need.
type SimpleLogger ¶
type SimpleLogger struct{}
SimpleLogger provides a basic fmt-based Logger implementation.
func (*SimpleLogger) Debug ¶
func (l *SimpleLogger) Debug(msg string, keysAndValues ...interface{})
func (*SimpleLogger) Error ¶
func (l *SimpleLogger) Error(msg string, keysAndValues ...interface{})
func (*SimpleLogger) Info ¶
func (l *SimpleLogger) Info(msg string, keysAndValues ...interface{})
func (*SimpleLogger) Warn ¶
func (l *SimpleLogger) Warn(msg string, keysAndValues ...interface{})
type TechniqueInfo ¶
type TechniqueInfo struct {
ID string `json:"id"`
Name string `json:"name"`
Description string `json:"description"`
Category string `json:"category"`
Risk string `json:"risk"`
SuccessRate float64 `json:"success_rate"`
Examples []string
// OWASP mappings
OWASPLLMCategories []string `json:"owasp_llm_categories,omitempty"`
OWASPAgenticCategories []string `json:"owasp_agentic_categories,omitempty"`
}
TechniqueInfo provides metadata about an attack technique.