757-216-3656 | Monday–Friday 8:30 AM – 4:30 PM | info@itdojo.com

Course Duration

1 day

Audience

Employees of federal, state and local governments, and of businesses working with the government.

Prerequisites

A preliminary understanding of penetration testing methodology is suggested.

Course Description

The AI Hacking 101 course teaches students the fundamentals of penetration testing AI/LLM-based applications such as customer-facing chatbots. The course focuses on demonstrating how to detect and exploit common AI vulnerabilities including prompt injection, sensitive information disclosure, improper output handling, system prompt leakage, misinformation, and excessive agency. Students spend hands-on time in a custom-built lab environment exploiting and uncovering these vulnerabilities using the TCM Vulnerable Chatbot — a customer service chatbot with Retrieval Augmented Generation (RAG) capabilities.

Learning Objectives

  • Explain how AI/LLM-based applications such as chatbots can be attacked
  • Detect and exploit prompt injection, sensitive information disclosure, and improper output handling
  • Identify system prompt leakage, misinformation, and excessive agency vulnerabilities
  • Exploit AI vulnerabilities hands-on using the TCM Vulnerable Chatbot lab

Course Outline

1 – AI Fundamentals and Threat Modeling
  • AI Fundamentals Review: model parameters, temperature, top-p, inference, training, LLMs
  • AI Threat Model: threat actors, assets, adversary goals, and attack surfaces
  • Reconnaissance, model mapping, baseline behavior, and fingerprinting
2 – Prompt Injection and Jailbreaking
  • Common prompt injection and jailbreaking techniques
  • Prompt injection tools and repositories
  • Bypassing common input/output filtering protections
3 – AI Application Exploitation
  • Testing for harmful output, hate speech, misinformation, and resource drainage
  • Data exfiltration via Retrieval Augmented Generation (RAG)
  • RAG and vector database attacks
  • Excessive agency exploitation and testing

Frequently Asked Questions

What does the AI Hacking 101 course cover?

The AI Hacking 101 course teaches students the fundamentals of penetration testing AI/LLM-based applications such as customer-facing chatbots. IT Dojo delivers it as live instructor-led training for government and business professionals.

How long is IT Dojo's AI Hacking 101 training?

AI Hacking 101 is a 1-day course. It is available as live remote online instruction or on-site at your facility.

Is this course available as live remote online training?

Yes. IT Dojo offers AI Hacking 101 as live remote online training led in real time by a certified instructor. On-site delivery at your government facility or contractor location is also available.

Who should attend this course?

Security professionals and penetration testers who want to identify and exploit vulnerabilities in AI and large language model applications.

Does IT Dojo offer this training on-site at government or DoD facilities?

Yes. IT Dojo delivers AI Hacking 101 on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams and can be customized to your organization's workflows. Contact IT Dojo to schedule.

How do I register for this course?

IT Dojo training is employer sponsored. Your organization registers and pays for seats. To schedule AI Hacking 101 for your team, contact IT Dojo via the Request Training form or call 757-216-3656.
