A hands-on guide to finding and exploiting vulnerabilities in LLMs, agentic systems, and AI pipelines through structured labs and real attack techniques.
Key Features
Build the adversarial mindset needed to find vulnerabilities traditional security testing misses
Enumerate, exploit, and chain vulnerabilities in RAG pipelines, tool integrations, and MCP servers
Design and automate AI red team campaigns to measure risk statistically across deployments
Book Description
As organizations deploy LLMs and AI agents into production, traditional security testing fails to keep pace. AI Red Teaming in Practice gives you the structured methodology and hands-on skills to assess these systems effectively. Written by a practitioner who discovered critical vulnerabilities in production AI systems and contributed to OWASP GenAI security guides, this book takes you from foundational concepts through advanced exploitation and campaign automation. You will learn why AI systems fail in ways that go beyond unauthorized access, including biased outputs, unreliable behavior, and misaligned actions that cause real business damage. You will learn to threat model any GenAI system, define scope, and build a prioritized test plan. A purpose-built lab, the TechCorp AI Recruiting Assistant, runs throughout the book. This agentic system combines RAG retrieval, tool calling, and multi-role access, giving you a realistic target for chapters covering reconnaissance, fingerprinting, prompt injection, data extraction, tool exploitation, and supply chain assessment. The final chapters cover campaign design, PyRIT integration, and reporting strategies for executives, engineers, and auditors. By the end, you will be equipped to plan and execute professional AI red team engagements against any generative AI deployment.
What you will learn
Understand how AI systems fail in ways classic testing never catches
Build threat models and prioritized test plans for agentic systems
Conduct black-box, grey-box, and white-box AI assessments
Execute prompt injection campaigns and measure success statistically
Extract sensitive data from RAG pipelines and tool integrations
Exploit MCP servers and multi-step agentic attack chains
Automate AI red team campaigns using PyRIT and human-LLM attack loops
Report AI security findings to executives, engineers, and audit teams
Who this book is for
This book is written for penetration testers, security engineers, and red teamers who want to specialize in generative AI security. It is also valuable for AI engineers and security architects responsible for deploying and protecting LLM-based systems, and for security managers building AI red team capabilities. Readers should be comfortable with Python and have a basic understanding of cybersecurity concepts such as penetration testing or vulnerability assessment. No prior experience with machine learning or large language models is required.