Attack Catalog - ai-blackteam

ai-blackteam ships 1,021 attack techniques across 61 categories. Every attack falls into one of three modes:

Single-turn - One-shot attacks that send a single prompt and evaluate the response.
Multi-turn - Conversational attacks that build context over multiple exchanges before delivering the payload.
Tool-use - Agent exploitation attacks that target tool-calling, MCP, and multi-agent architectures.

Running attacks

Run any attack by its technique ID:

ai-blackteam run -p anthropic -a <technique-id> -t "target description"

List every available attack:

ai-blackteam list-attacks

View the full taxonomy tree:

ai-blackteam taxonomy

Category	Total	Single-turn	Multi-turn	Tool-use
Academic Exploitation	15	15	0	0
Access Control	4	3	1	0
Adversarial ML	25	25	0	0
Agent Exploitation	11	0	0	11
Autonomous Risk	7	6	1	0
Autonomous Systems	10	10	0	0
Availability	1	1	0	0
Bias Exploitation	15	15	0	0
Capability Elicitation	15	15	0	0
CBRN Evasion	15	15	0	0
Child Safety	3	3	0	0
Code Exploitation	16	16	0	0
Compliance	2	1	1	0
Compliance Evasion	8	7	1	0
Context Manipulation	9	0	9	0
Copyright & IP	3	2	1	0
Cross Platform	15	4	0	11
Crypto Exploitation	25	25	0	0
Cybercrime	7	7	0	0
Disinformation	22	17	5	0
Election Interference	15	14	1	0
Encoding	63	63	0	0
Financial Exploitation	26	26	0	0
Financial Fraud	18	17	1	0
Gaming Exploitation	25	25	0	0
Harmful Content	57	57	0	0
Healthcare Exploitation	25	25	0	0
Identity Attack	17	9	8	0
Information Disclosure	3	0	3	0
Information Warfare	25	25	0	0
Infrastructure Attack	25	25	0	0
Injection	4	4	0	0
IoT Exploitation	15	15	0	0
Legal Exploitation	28	28	0	0
MCP Exploitation	5	0	0	5
Media Manipulation	25	25	0	0
Memory Exploitation	15	9	6	0
Misinformation	8	6	2	0
Model Extraction	25	25	0	0
Multi-Agent Exploitation	5	0	4	1
Multimodal	5	5	0	0
Output Manipulation	16	16	0	0
Persuasion	15	9	6	0
Privacy Violation	17	13	4	0
Prompt Injection	63	59	4	0
Protocol Exploitation	5	0	0	5
Psychological Manipulation	25	18	7	0
Public Safety	15	15	0	0
RAG Exploitation	5	3	0	2
Regulatory Evasion	1	1	0	0
Safety Circumvention	25	25	0	0
Scientific Misconduct	25	25	0	0
Social Engineering	35	15	19	1
Social Engineering Advanced	25	23	2	0
Supply Chain	6	4	0	2
Surveillance	16	16	0	0
Tool Exploitation	1	0	0	1
Unqualified Advice	19	16	3	0
Weapons Evasion	16	16	0	0
Vuln Research	4	4	0	0
Workplace Exploitation	25	25	0	0