LLM Red Teaming Framework for defensive security research
Project description
HiveTrace Red: LLM Red Teaming Framework
A security framework for testing Large Language Model (LLM) vulnerabilities through systematic attack methodologies and evaluation pipelines.
HiveTrace Red can be used for:
- Red teaming your LLM applications - Test safety guardrails before deployment
- Research & benchmarking - Systematic evaluation of LLM robustness across attack vectors
- Compliance testing - Validate AI safety requirements and regulatory standards
- Attack technique research - Explore and compose novel jailbreak methodologies
HiveTrace Red combines static attack templates, dynamic prompt manipulation, and adaptive evaluation to systematically explore LLM failure modes. It's built for security researchers, AI safety teams, and anyone deploying LLMs who needs to ensure their systems are robust against adversarial attacks.
Features
- 80+ Attacks: Comprehensive library across 10 categories (roleplay, persuasion, token smuggling, etc.)
- Multiple LLM Providers: OpenAI, GigaChat, YandexGPT, Google Gemini, and more
- Advanced Evaluation: WildGuard evaluators and systematic response assessment
- Async Pipeline: Efficient streaming architecture for large-scale testing
- Multi-Language Support: Testing across multiple languages including Russian
Attack Categories
| Category | Description |
|---|---|
| Roleplay | Persona-based jailbreaks using specific character roles |
| Persuasion | Social engineering techniques and psychological manipulation |
| Token Smuggling | Encoding and obfuscation methods to hide malicious intent |
| Context Switching | Conversation redirection to confuse safety filters |
| In-Context Learning | Few-shot examples to teach undesired behavior |
| Task Deflection | Reframing harmful requests as legitimate tasks |
| Text Structure Modification | Format manipulation to bypass detection |
| Output Formatting | Specific output format requests to bypass safety |
| Irrelevant Information | Content dilution to confuse safety filters |
| Simple Instructions | Direct instruction-based attacks |
How It Works
Base Prompts → Apply Attacks → Modified Prompts → Target Model → Responses → Evaluator → Results
The framework provides a 3-stage pipeline:
- Attack Generation: Apply various attack techniques to base prompts
- Model Testing: Send modified prompts to target LLMs
- Evaluation: Assess responses using WildGuard or custom evaluators
The hivetracered-report command generates comprehensive HTML reports with:
- Executive summary with key metrics and OWASP LLM Top 10 mapping
- Interactive charts showing attack success rates by type and name
- Content analysis with response length distributions
- Data explorer with filtering capabilities
- Sample prompts and responses for detailed inspection
Results Example
The framework provides detailed attack analysis showing success rates across different attack types and individual attack techniques:
The analysis includes:
- Success Rate by Attack Type: Comparative effectiveness of different attack categories (persuasion, roleplay, simple instructions, etc.)
- Success Rate by Attack Name: Granular breakdown of individual attack technique performance
Installation
Install HiveTraceRed via pip:
pip install hivetracered
This will install the package and make the following CLI commands available:
hivetracered- Main CLI for running attack pipelineshivetracered-report- Generate HTML reports from resultshivetracered-recorder- Record browser interactions for web-based models (requirespip install 'hivetracered[web]')
Alternatively, install from source:
git clone https://github.com/HiveTrace/HiveTraceRed.git
cd HiveTraceRed
pip install -e .
Documentation
📖 Complete Documentation - Installation, tutorials, API reference, and attack guides
Requirements
- Python 3.10 or higher
- pip package manager
- Virtual environment (recommended)
Responsible Use
⚠️ This tool is designed for defensive security research only.
HiveTrace Red should be used exclusively for:
- Testing and improving your own LLM systems
- Developing robust AI safety mechanisms
- Conducting authorized security assessments
- Academic research on LLM vulnerabilities
Do NOT use this tool for:
- Attacking systems you don't own or have permission to test
- Malicious purposes or causing harm
- Bypassing safety measures in production systems without authorization
Users are responsible for ensuring their use complies with applicable laws and the terms of service of the LLM providers they test.
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hivetracered-1.0.15.tar.gz.
File metadata
- Download URL: hivetracered-1.0.15.tar.gz
- Upload date:
- Size: 198.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3c4cf471dfb82fced873318acc8486c29d2900b7c774cf58b371cbaa9be3b7b1
|
|
| MD5 |
36960e380a49fccb8b4701509c47aac0
|
|
| BLAKE2b-256 |
2982761f41f857a0f096d2f59e52aa19e98b7a5dc54f3ac1a9000cef85777fd2
|
File details
Details for the file hivetracered-1.0.15-py3-none-any.whl.
File metadata
- Download URL: hivetracered-1.0.15-py3-none-any.whl
- Upload date:
- Size: 297.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.11
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3596be7b6e789d47ffd2796e365efc5bafcb8652734f50e2b359e3f501f22de0
|
|
| MD5 |
40cf9d177bbb4dcadb6257a95c46f727
|
|
| BLAKE2b-256 |
50bf2501e0c9c38675cd0ef7a3fcc3bed93bd9b5cdbb8317c0d9d63bfbc686b4
|
