Encoding Capabilities

Prompt Attack features an advanced encoding module that enables users to encode adversarial prompts in various formats. Encoding is an essential tool in adversarial testing, allowing security teams to simulate obfuscated inputs often used in real-world attacks. These encodings help evaluate an LLM's ability to decode and process manipulated data without exposing vulnerabilities or generating unsafe outputs.

This guide outlines the supported encoding methods, their applications in adversarial testing, and the distinction between free and paid features.

Why Encoding Matters in Adversarial Testing

Encoding is a common technique used in real-world attacks to obfuscate malicious intent. Attackers often encode inputs to bypass security measures such as content filtering, validation, or detection mechanisms. For example, malicious code could be Base64-encoded to evade detection or URL-encoded to manipulate web queries. Testing how an LLM handles such encodings ensures robust defenses against adversarial inputs.

Prompt Attack allows users to simulate these scenarios and analyze an LLM's ability to:

  • Process Encoded Inputs Safely: Ensure the model doesn't inadvertently decode and act on harmful instructions.
  • Resist Obfuscation Techniques: Validate that the LLM can reject obfuscated data or respond safely.
  • Assess Decoding Logic: Identify vulnerabilities in how encoded inputs are handled.

Available Encoding Methods

Prompt Attack supports a wide range of encoding formats, categorized into free and paid options. Below is a detailed list of each encoding method, its purpose, and its applications in security testing.

Free Encodings

These encoding methods are available to all users at no additional cost:

1. Base2 (Binary)

Represents each character as binary code (e.g., "A" becomes "01000001"). This tests the model's ability to process binary data safely and reject unauthorized requests encoded in binary form.

2. Base8 (Octal)

Converts characters into octal (Base8) representation, commonly used in low-level data encoding. Example: "A" becomes "101". This ensures the LLM can resist attacks that encode prompts in less common numerical systems.

3. Braille

Converts text into Braille Unicode characters (e.g., "hello" becomes ⠓⠑⠇⠇⠕). While primarily a representation for visually impaired communication, Braille encoding tests the model's ability to process text in alternative symbolic systems.

Paid Encodings

These advanced encodings are available exclusively for premium users:

1. Base16 (Hexadecimal)

Encodes input in hexadecimal format, often used for debugging, cryptographic keys, and binary data representation. Example: "A" becomes "41". This is crucial for assessing how the model handles hex-encoded inputs, which are frequently used in malware or obfuscation.

2. Base32

Encodes text using a 32-character set. Example: "hello" becomes "NBSWY3DP". Often used in data integrity and URL-safe encoding, this ensures the LLM can handle Base32-encoded inputs securely.

3. Base64

A widely used encoding scheme for transmitting data in email and web APIs. Example: "hello" becomes "aGVsbG8=". Testing with Base64 ensures the LLM can handle encoded data without exposing vulnerabilities.

Applications of Encoded Prompts

Encoded prompts serve as critical tools in adversarial testing, enabling the simulation of real-world attack scenarios. Common applications include:

Bypassing Input Validation

Test whether the LLM can detect and reject maliciously encoded inputs.

Obfuscation Testing

Simulate obfuscated attacks to ensure the LLM doesn't inadvertently decode harmful instructions.

Robustness Validation

Evaluate the model's ability to process complex encodings safely without unintended behavior.

Workflow for Encoding Prompts

  1. Open the Prompt Attack module.
  2. Select the prompt that you want to perform encoding on
  3. Select an encoding method (free or paid) from the list.
  4. Use the encoded prompt to test the LLM and observe its behavior.
  5. Log the actual response from your LLM
Encoding interface showing prompt details with ASCII and Base2 encoding options, including prompt content, actual response fields, and result selection dropdown

Try It Out with Prompt Attack

Prompt Attack's Encoding Module is a powerful tool for testing LLMs against obfuscated adversarial inputs. By providing a wide array of encodings, from basic text transformations to advanced cryptographic representations, users can simulate real-world attack scenarios and assess their LLM's resilience. With both free and paid options available, this module supports comprehensive security testing for modern AI systems.

🚀 Create your very own customised adversarial prompt now