InjectLab: A Tactical Framework for Adversarial Threat Modeling Against Large Language Models

TL;DR

InjectLab is an open-source framework that systematically maps adversarial prompt-based attack techniques on large language models, aiding in their detection and mitigation.

Contribution

It introduces a structured, comprehensive matrix of over 25 adversarial techniques against LLMs, inspired by MITRE ATT&CK, with practical detection and mitigation guidance.

Findings

Framework covers 6 core tactics and 25+ techniques.

Includes detection guidance and mitigation strategies.

Provides a Python tool for testing adversarial prompts.

Abstract

Large Language Models (LLMs) are changing the way people interact with technology. Tools like ChatGPT and Claude AI are now common in business, research, and everyday life. But with that growth comes new risks, especially prompt-based attacks that exploit how these models process language. InjectLab is a security framework designed to address that problem. This paper introduces InjectLab as a structured, open-source matrix that maps real-world techniques used to manipulate LLMs. The framework is inspired by MITRE ATT&CK and focuses specifically on adversarial behavior at the prompt layer. It includes over 25 techniques organized under six core tactics, covering threats like instruction override, identity swapping, and multi-agent exploitation. Each technique in InjectLab includes detection guidance, mitigation strategies, and YAML-based simulation tests. A Python tool supports easy execution of prompt-based test cases. This paper outlines the framework's structure, compares it to other AI threat taxonomies, and discusses its future direction as a practical, community-driven foundation for securing language models.