[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"similar-sherdencooper--GPTFuzz":3,"tool-sherdencooper--GPTFuzz":64},[4,17,27,35,43,56],{"id":5,"name":6,"github_repo":7,"description_zh":8,"stars":9,"difficulty_score":10,"last_commit_at":11,"category_tags":12,"status":16},3808,"stable-diffusion-webui","AUTOMATIC1111\u002Fstable-diffusion-webui","stable-diffusion-webui 是一个基于 Gradio 构建的网页版操作界面，旨在让用户能够轻松地在本地运行和使用强大的 Stable Diffusion 图像生成模型。它解决了原始模型依赖命令行、操作门槛高且功能分散的痛点，将复杂的 AI 绘图流程整合进一个直观易用的图形化平台。\n\n无论是希望快速上手的普通创作者、需要精细控制画面细节的设计师，还是想要深入探索模型潜力的开发者与研究人员，都能从中获益。其核心亮点在于极高的功能丰富度：不仅支持文生图、图生图、局部重绘（Inpainting）和外绘（Outpainting）等基础模式，还独创了注意力机制调整、提示词矩阵、负向提示词以及“高清修复”等高级功能。此外，它内置了 GFPGAN 和 CodeFormer 等人脸修复工具，支持多种神经网络放大算法，并允许用户通过插件系统无限扩展能力。即使是显存有限的设备，stable-diffusion-webui 也提供了相应的优化选项，让高质量的 AI 艺术创作变得触手可及。",162132,3,"2026-04-05T11:01:52",[13,14,15],"开发框架","图像","Agent","ready",{"id":18,"name":19,"github_repo":20,"description_zh":21,"stars":22,"difficulty_score":23,"last_commit_at":24,"category_tags":25,"status":16},1381,"everything-claude-code","affaan-m\u002Feverything-claude-code","everything-claude-code 是一套专为 AI 编程助手（如 Claude Code、Codex、Cursor 等）打造的高性能优化系统。它不仅仅是一组配置文件，而是一个经过长期实战打磨的完整框架，旨在解决 AI 代理在实际开发中面临的效率低下、记忆丢失、安全隐患及缺乏持续学习能力等核心痛点。\n\n通过引入技能模块化、直觉增强、记忆持久化机制以及内置的安全扫描功能，everything-claude-code 能显著提升 AI 在复杂任务中的表现，帮助开发者构建更稳定、更智能的生产级 AI 代理。其独特的“研究优先”开发理念和针对 Token 消耗的优化策略，使得模型响应更快、成本更低，同时有效防御潜在的攻击向量。\n\n这套工具特别适合软件开发者、AI 研究人员以及希望深度定制 AI 工作流的技术团队使用。无论您是在构建大型代码库，还是需要 AI 协助进行安全审计与自动化测试，everything-claude-code 都能提供强大的底层支持。作为一个曾荣获 Anthropic 黑客大奖的开源项目，它融合了多语言支持与丰富的实战钩子（hooks），让 AI 真正成长为懂上",138956,2,"2026-04-05T11:33:21",[13,15,26],"语言模型",{"id":28,"name":29,"github_repo":30,"description_zh":31,"stars":32,"difficulty_score":23,"last_commit_at":33,"category_tags":34,"status":16},2271,"ComfyUI","Comfy-Org\u002FComfyUI","ComfyUI 是一款功能强大且高度模块化的视觉 AI 引擎，专为设计和执行复杂的 Stable Diffusion 图像生成流程而打造。它摒弃了传统的代码编写模式，采用直观的节点式流程图界面，让用户通过连接不同的功能模块即可构建个性化的生成管线。\n\n这一设计巧妙解决了高级 AI 
绘图工作流配置复杂、灵活性不足的痛点。用户无需具备编程背景，也能自由组合模型、调整参数并实时预览效果，轻松实现从基础文生图到多步骤高清修复等各类复杂任务。ComfyUI 拥有极佳的兼容性，不仅支持 Windows、macOS 和 Linux 全平台，还广泛适配 NVIDIA、AMD、Intel 及苹果 Silicon 等多种硬件架构，并率先支持 SDXL、Flux、SD3 等前沿模型。\n\n无论是希望深入探索算法潜力的研究人员和开发者，还是追求极致创作自由度的设计师与资深 AI 绘画爱好者，ComfyUI 都能提供强大的支持。其独特的模块化架构允许社区不断扩展新功能，使其成为当前最灵活、生态最丰富的开源扩散模型工具之一，帮助用户将创意高效转化为现实。",107662,"2026-04-03T11:11:01",[13,14,15],{"id":36,"name":37,"github_repo":38,"description_zh":39,"stars":40,"difficulty_score":23,"last_commit_at":41,"category_tags":42,"status":16},3704,"NextChat","ChatGPTNextWeb\u002FNextChat","NextChat 是一款轻量且极速的 AI 助手，旨在为用户提供流畅、跨平台的大模型交互体验。它完美解决了用户在多设备间切换时难以保持对话连续性，以及面对众多 AI 模型不知如何统一管理的痛点。无论是日常办公、学习辅助还是创意激发，NextChat 都能让用户随时随地通过网页、iOS、Android、Windows、MacOS 或 Linux 端无缝接入智能服务。\n\n这款工具非常适合普通用户、学生、职场人士以及需要私有化部署的企业团队使用。对于开发者而言，它也提供了便捷的自托管方案，支持一键部署到 Vercel 或 Zeabur 等平台。\n\nNextChat 的核心亮点在于其广泛的模型兼容性，原生支持 Claude、DeepSeek、GPT-4 及 Gemini Pro 等主流大模型，让用户在一个界面即可自由切换不同 AI 能力。此外，它还率先支持 MCP（Model Context Protocol）协议，增强了上下文处理能力。针对企业用户，NextChat 提供专业版解决方案，具备品牌定制、细粒度权限控制、内部知识库整合及安全审计等功能，满足公司对数据隐私和个性化管理的高标准要求。",87618,"2026-04-05T07:20:52",[13,26],{"id":44,"name":45,"github_repo":46,"description_zh":47,"stars":48,"difficulty_score":23,"last_commit_at":49,"category_tags":50,"status":16},2268,"ML-For-Beginners","microsoft\u002FML-For-Beginners","ML-For-Beginners 是由微软推出的一套系统化机器学习入门课程，旨在帮助零基础用户轻松掌握经典机器学习知识。这套课程将学习路径规划为 12 周，包含 26 节精炼课程和 52 道配套测验，内容涵盖从基础概念到实际应用的完整流程，有效解决了初学者面对庞大知识体系时无从下手、缺乏结构化指导的痛点。\n\n无论是希望转型的开发者、需要补充算法背景的研究人员，还是对人工智能充满好奇的普通爱好者，都能从中受益。课程不仅提供了清晰的理论讲解，还强调动手实践，让用户在循序渐进中建立扎实的技能基础。其独特的亮点在于强大的多语言支持，通过自动化机制提供了包括简体中文在内的 50 多种语言版本，极大地降低了全球不同背景用户的学习门槛。此外，项目采用开源协作模式，社区活跃且内容持续更新，确保学习者能获取前沿且准确的技术资讯。如果你正寻找一条清晰、友好且专业的机器学习入门之路，ML-For-Beginners 将是理想的起点。",84991,"2026-04-05T10:45:23",[14,51,52,53,15,54,26,13,55],"数据工具","视频","插件","其他","音频",{"id":57,"name":58,"github_repo":59,"description_zh":60,"stars":61,"difficulty_score":10,"last_commit_at":62,"category_tags":63,"status":16},3128,"ragflow","infiniflow\u002Fragflow","RAGFlow 
是一款领先的开源检索增强生成（RAG）引擎，旨在为大语言模型构建更精准、可靠的上下文层。它巧妙地将前沿的 RAG 技术与智能体（Agent）能力相结合，不仅支持从各类文档中高效提取知识，还能让模型基于这些知识进行逻辑推理和任务执行。\n\n在大模型应用中，幻觉问题和知识滞后是常见痛点。RAGFlow 通过深度解析复杂文档结构（如表格、图表及混合排版），显著提升了信息检索的准确度，从而有效减少模型“胡编乱造”的现象，确保回答既有据可依又具备时效性。其内置的智能体机制更进一步，使系统不仅能回答问题，还能自主规划步骤解决复杂问题。\n\n这款工具特别适合开发者、企业技术团队以及 AI 研究人员使用。无论是希望快速搭建私有知识库问答系统，还是致力于探索大模型在垂直领域落地的创新者，都能从中受益。RAGFlow 提供了可视化的工作流编排界面和灵活的 API 接口，既降低了非算法背景用户的上手门槛，也满足了专业开发者对系统深度定制的需求。作为基于 Apache 2.0 协议开源的项目，它正成为连接通用大模型与行业专有知识之间的重要桥梁。",77062,"2026-04-04T04:44:48",[15,14,13,26,54],{"id":65,"github_repo":66,"name":67,"description_en":68,"description_zh":69,"ai_summary_zh":69,"readme_en":70,"readme_zh":71,"quickstart_zh":72,"use_case_zh":73,"hero_image_url":74,"owner_login":75,"owner_name":76,"owner_avatar_url":77,"owner_bio":78,"owner_company":76,"owner_location":78,"owner_email":79,"owner_twitter":78,"owner_website":78,"owner_url":80,"languages":81,"stars":94,"forks":95,"last_commit_at":96,"license":97,"difficulty_score":10,"env_os":98,"env_gpu":99,"env_ram":100,"env_deps":101,"category_tags":108,"github_topics":78,"view_count":10,"oss_zip_url":78,"oss_zip_packed_at":78,"status":16,"created_at":109,"updated_at":110,"faqs":111,"releases":140},1049,"sherdencooper\u002FGPTFuzz","GPTFuzz","Official repo for GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts","GPTFuzz是一款用于测试大语言模型安全性的工具，通过自动生成越狱提示对模型进行攻击测试，帮助识别潜在漏洞。它解决了传统人工设计攻击提示效率低、覆盖不全面的问题，能自动化生成针对模型安全机制的测试用例，提升漏洞发现效率。该工具适合开发者、研究人员及安全团队使用，尤其适用于需要评估大模型安全性的场景。其核心亮点在于结合微调的RoBERTa模型作为判断器，自动分析模型响应并生成攻击策略，同时支持多种模型和数据集的扩展。工具已通过Usenix Security会议认可，并在Geekcon等场合展示实际攻击演示，为大模型安全研究提供了实用框架。","# GPTFUZZER : Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts\n\n\u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fsherdencooper_GPTFuzz_readme_1a0f56d39ffa.png\" width=500>\n\n[![License: MIT](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-MIT-yellow.svg)](https:\u002F\u002Fopensource.org\u002Flicenses\u002FMIT)\n\nThis is the 
official repository for \"[GPTFUZZER: Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts](https:\u002F\u002Farxiv.org\u002Fpdf\u002F2309.10253.pdf)\" by [Jiahao Yu](https:\u002F\u002Fsherdencooper.github.io\u002F), [Xingwei Lin](https:\u002F\u002Fscholar.google.com\u002Fcitations?user=Zv_rC0AAAAAJ&hl=en), [Zheng Yu](http:\u002F\u002Fwww.dataisland.org\u002F), [Xinyu Xing](http:\u002F\u002Fxinyuxing.org\u002F).\n\n## Table of Contents\n\n- [Updates](#updates)\n- [Installation](#installation)\n- [Datasets](#datasets)\n- [Models](#models)\n- [Running](#running)\n- [Release](#release)\n- [FQA](#fqa)\n\n## Updates\n- (2024\u002F8\u002F13) This paper was accepted by USENIX Security. See the [proceedings paper](https:\u002F\u002Fwww.usenix.org\u002Fconference\u002Fusenixsecurity24\u002Fpresentation\u002Fyu-jiahao).\n- (2023\u002F10\u002F25) 🏆 🏆 We won the Frontier Breakthrough Award and Outstanding Presentation Award at Geekcon 2023!\n- (2023\u002F10\u002F22) Our work will be presented at the [Geekcon 2023](https:\u002F\u002Fgeekcon.darknavy.com\u002F2023\u002Fchina\u002Fen\u002Findex.html) conference! We will give a talk about our work and give a live attack demo with our tool. We will also include the attack results for Chinese LLMs, which have not been included in our paper. We are looking forward to meeting you there!\n- (2023\u002F10\u002F21) We have updated our codebase to make it more readable and easier to use. We will continue to update the codebase and add more features and other implementations. We are looking forward to building a general black-box fuzzing framework for large language models. Stay tuned!\n- (2023\u002F9\u002F19) Our paper is on arXiv! 
Check it out [here](https:\u002F\u002Farxiv.org\u002Fpdf\u002F2309.10253.pdf)!\n\n## Installation\n\nPlease refer to [install.ipynb](.\u002Finstall.ipynb)\n\n## Datasets\nThe datasets for the harmful questions and human-written templates are available in `datasets\u002Fquestions\u002Fquestion_list.csv` and `datasets\u002Fprompts\u002FGPTFuzzer.csv`. The questions are sampled from two public datasets: [llm-jailbreak-study](https:\u002F\u002Fsites.google.com\u002Fview\u002Fllm-jailbreak-study) and [hh-rlhf](https:\u002F\u002Fhuggingface.co\u002Fdatasets\u002FAnthropic\u002Fhh-rlhf), and the templates are collected from [llm-jailbreak-study](https:\u002F\u002Fsites.google.com\u002Fview\u002Fllm-jailbreak-study).\n\nThe responses we got by querying Vicuna-7B, ChatGPT and Llama-2-7B-chat are stored in `datasets\u002Fresponses`, and the labeled responses are in `datasets\u002Fresponses_labeled`. You can also use `generate_responses.py` to generate responses for different models or different questions (see the scripts under the `scripts` folder for examples).\n\nWe are still working on the evaluation on other question datasets and jailbreak datasets. We will update the codebase and the datasets after we have some results.\n\n## Models\n\nOur judgment model is a fine-tuned RoBERTa-large model. The training code is in `.\u002Fexample\u002Ffinetune_roberta.py`, and the training\u002Fevaluation data is stored in `datasets\u002Fresponses_labeled`. The model we used is hosted on [Hugging Face](https:\u002F\u002Fhuggingface.co\u002Fhubert233\u002FGPTFuzz). When running fuzzing experiments, the model is downloaded automatically and cached the first time it is used. 
If you would like to download the model manually, you can run the following code:\n\n```python\nfrom transformers import RobertaForSequenceClassification, RobertaTokenizer\nmodel_path = 'hubert233\u002FGPTFuzz'\nmodel = RobertaForSequenceClassification.from_pretrained(model_path)\ntokenizer = RobertaTokenizer.from_pretrained(model_path)\n```\nDuring our experiments, we found that our trained model can also be transferred to other questions. However, we also found that it does not work well on some questions and other languages. We will add more predictor models soon.\n\n## Running\nWe provide a Python [example](.\u002Fgptfuzz.py) to show the minimal code to run the fuzzing experiments. This example uses ChatGPT as the mutation model to attack Llama-2-7B-chat with the official system prompt (we monkey-patched the FastChat template since FastChat deleted the official system prompt in a recent update), and you should be able to get results identical to those in the [example folder](.\u002Fexample\u002F) (we set the random seed for reproducibility and temperature=0).\n\n\nYou can also refer to the [notebook](.\u002Fexample.ipynb) for more details and explanations.\n\n\n## Release\n\nDue to ethical concerns, we decided not to release the adversarial templates we found during our experiments openly. However, we are happy to share them with researchers who are interested in this topic. Please contact us via [email](mailto:jiahao.yu@northwestern.edu) if you would like to get access to the templates we found during the experiments. Also, you can use the code in this repository to generate your own adversarial templates.\n\n## FQA\n1. I found some labels in your labeled responses are wrong.\n    - We are sorry about that. As our paper claimed, determining whether a response is jailbroken is not a trivial task and some responses are hard to label. Also, due to the stress of labeling a large number of potentially toxic responses, we might have made some mistakes. 
If you find any wrong labels, please let us know and we will fix them as soon as possible.\n2. The fuzz is slow, especially when I am using multiple questions for the local model.\n    - We found that using batched inference can significantly speed up the fuzzing process. However, the results might be slightly different from the original results because of the padding tokens (see [here](https:\u002F\u002Fgithub.com\u002Ftloen\u002Falpaca-lora\u002Fissues\u002F20)). We suggest using [vllm](https:\u002F\u002Fgithub.com\u002Fvllm-project\u002Fvllm) inference for higher performance.\n3. How could I implement my own mutator\u002Fseed selector?\n    - You can implement your own mutator\u002Fseed selector by inheriting from the class. You can refer to `mutator.py` and `selection.py` for examples.\n    Also, as we mentioned, we would like to work on a general black-box fuzzing framework for large language models. If you have ideas or suggestions, or you find other papers that are related to this topic, please let us know or leave a comment in an issue. 
We are happy to implement them and make this framework more powerful.\n\n## Citation\nIf you find this useful in your research, please consider citing:\n\n```\n@inproceedings{yu2024llm,\n  title={$\\{$LLM-Fuzzer$\\}$: Scaling Assessment of Large Language Model Jailbreaks},\n  author={Yu, Jiahao and Lin, Xingwei and Yu, Zheng and Xing, Xinyu},\n  booktitle={33rd USENIX Security Symposium (USENIX Security 24)},\n  pages={4657--4674},\n  year={2024}\n}\n\n@article{yu2023gptfuzzer,\n  title={Gptfuzzer: Red teaming large language models with auto-generated jailbreak prompts},\n  author={Yu, Jiahao and Lin, Xingwei and Yu, Zheng and Xing, Xinyu},\n  journal={arXiv preprint arXiv:2309.10253},\n  year={2023}\n}\n```\n","# GPTFUZZER : 利用自动生成的越狱提示对大语言模型进行红队攻击\n\n\u003Cimg src=\"https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fsherdencooper_GPTFuzz_readme_1a0f56d39ffa.png\" width=500>\n\n[![许可证：MIT](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-MIT-yellow.svg)](https:\u002F\u002Fopensource.org\u002Flicenses\u002FMIT)\n\n这是由[Jiahao Yu](https:\u002F\u002Fsherdencooper.github.io\u002F)、[Xingwei Lin](https:\u002F\u002Fscholar.google.com\u002Fcitations?user=Zv_rC0AAAAAJ&hl=en)、[Zheng Yu](http:\u002F\u002Fwww.dataisland.org\u002F)、[Xinyu Xing](http:\u002F\u002Fxinyuxing.org\u002F)撰写的\"[GPTFUZZER: Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts](https:\u002F\u002Farxiv.org\u002Fpdf\u002F2309.10253.pdf)\"的官方仓库。\n\n## 目录\n\n- [更新](#更新)\n- [安装](#安装)\n- [数据集](#数据集)\n- [模型](#模型)\n- [运行](#运行)\n- [发布](#发布)\n- [常见问题解答](#fqa)\n\n## 更新\n- (2024\u002F8\u002F13) 本文已被Usenix Security录用。请查看[会议论文](https:\u002F\u002Fwww.usenix.org\u002Fconference\u002Fusenixsecurity24\u002Fpresentation\u002Fyu-jiahao)\n- (2023\u002F10\u002F25) 🏆 🏆 我们在Geekcon 2023上荣获前沿突破奖和最佳演讲奖！\n- (2023\u002F10\u002F22) 我们的工作将在[Geekcon 2023](https:\u002F\u002Fgeekcon.darknavy.com\u002F2023\u002Fchina\u002Fen\u002Findex.html)会议上发表！我们将介绍我们的工作并演示工具的实时攻击演示。我们还将包含未在论文中包含的中文LLM攻击结果。我们期待在那里与您见面！\n- 
(2023\u002F10\u002F21) 我们已更新代码库使其更易读和使用。我们将继续更新代码库并添加更多功能和其他实现。我们期待构建一个通用的黑盒模糊测试框架用于大语言模型。敬请期待！\n- (2023\u002F9\u002F19) 我们的论文已发布在arXiv！请查看[此处](https:\u002F\u002Farxiv.org\u002Fpdf\u002F2309.10253.pdf)！\n\n## 安装\n\n请参考[install.ipynb](.\u002Finstall.ipynb)\n\n## 数据集\n有害问题和人工编写模板的数据集位于`datasets\u002Fquestions\u002Fquestion_list.csv`和`datasets\u002Fprompts\u002FGPTFuzzer.csv`。问题来自两个公开数据集：[llm-jailbreak-study](https:\u002F\u002Fsites.google.com\u002Fview\u002Fllm-jailbreak-study)和[hh-rlhf](https:\u002F\u002Fhuggingface.co\u002Fdatasets\u002FAnthropic\u002Fhh-rlhf)，模板则收集自[llm-jailbreak-study](https:\u002F\u002Fsites.google.com\u002Fview\u002Fllm-jailbreak-study)。\n\n对于通过查询Vicuna-7B、ChatGPT和Llama-2-7B-chat获得的响应，我们存储在`datasets\u002Fresponses`中，标注响应存储在`datasets\u002Fresponses_labeled`。您也可以使用`generate_responses.py`为不同模型或不同问题生成响应（请参见`scripts`文件夹中的脚本示例）。\n\n我们仍在对其他问题数据集和越狱数据集进行评估。我们将在取得一些结果后更新代码库和数据集。\n\n## 模型\n\n我们的判断模型是一个微调后的RoBERTa-large模型，训练代码位于`.\u002Fexample\u002Ffinetune_roberta.py`，训练\u002F评估数据存储在`datasets\u002Fresponses_labeled`。我们使用的模型托管在[Hugging Face](https:\u002F\u002Fhuggingface.co\u002Fhubert233\u002FGPTFuzz)。在运行模糊测试实验时，模型会首次自动下载并缓存。如果您希望手动下载模型，可以运行以下代码：\n\n```python\nfrom transformers import RobertaForSequenceClassification, RobertaTokenizer\nmodel_path = 'hubert233\u002FGPTFuzz'\nmodel = RobertaForSequenceClassification.from_pretrained(model_path)\ntokenizer = RobertaTokenizer.from_pretrained(model_path)\n```\n在我们的实验中发现，训练好的模型也可以迁移到其他问题上。然而，我们也发现它在某些问题和其他语言上表现不佳。我们很快会添加更多预测器模型。\n\n## 运行\n我们提供了一个Python [示例](.\u002Fgptfuzz.py)来展示运行模糊测试实验的最小代码。此示例使用ChatGPT作为变异模型攻击Llama-2-7B-chat，使用官方系统提示（由于Fastchat最近更新删除了官方系统提示，我们进行了猴子补丁）。您应该能够获得与[示例文件夹](.\u002Fexample\u002F)中相同的结果（我们设置了随机种子以确保可重复性，温度=0）。\n\n您还可以参考[笔记本](.\u002Fexample.ipynb)了解更多信息和解释。\n\n## 发布\n\n由于伦理考虑，我们决定不公开发布我们在实验中发现的对抗性模板。然而，我们很高兴与对这个主题感兴趣的研究人员分享它们。如果您想获取实验中发现的模板，请通过[电子邮件](mailto:jiahao.yu@northwestern.edu)联系我们。您也可以使用此仓库中的代码生成自己的对抗性模板。\n\n## 常见问题解答\n1. 
我发现您标注的响应中有一些标签错误。\n    - 对不起，我们对此表示歉意。正如我们的论文所声明的，判断是否为越狱响应并非易事，一些响应难以标注。此外，由于大量潜在有毒响应的标注压力，我们可能犯了一些错误。如果您发现任何错误的标签，请告知我们，我们会尽快修复。\n2. 模糊测试速度很慢，尤其是当我使用多个问题对本地模型进行测试时。\n    - 我们发现使用批量推理可以显著加快模糊测试过程。然而，由于填充标记（请参见[此处](https:\u002F\u002Fgithub.com\u002Ftloen\u002Falpaca-lora\u002Fissues\u002F20)），结果可能会与原始结果略有不同。我们建议使用[vllm](https:\u002F\u002Fgithub.com\u002Fvllm-project\u002Fvllm)进行超高效推理\n3. 如何实现自己的变异器\u002F种子选择器？\n    - 您可以通过继承类来实现自己的变异器\u002F种子选择器。您可以参考`mutator.py`和`selection.py`中的示例。\n    此外，正如我们所声明的，我们希望开发一个通用的黑盒模糊测试框架用于大语言模型。如果您有任何想法或建议，或者发现其他相关论文，请告诉我们或在问题中留言。我们很高兴实现它们，使这个框架更强大。\n\n## 引用\n如果在您的研究中发现此工具有用，请考虑引用：\n\n```\n@inproceedings{yu2024llm,\n  title={$\\{$LLM-Fuzzer$\\}$: 大语言模型越狱评估的扩展},\n  author={Yu, Jiahao and Lin, Xingwei and Yu, Zheng and Xing, Xinyu},\n  booktitle={第33届USENIX安全研讨会（USENIX Security 24）},\n  pages={4657--4674},\n  year={2024}\n}\n\n@article{yu2023gptfuzzer,\n  title={Gptfuzzer: 利用自动生成的越狱提示对大语言模型进行红队攻击},\n  author={Yu, Jiahao and Lin, Xingwei and Yu, Zheng and Xing, Xinyu},\n  journal={arXiv预印本 arXiv:2309.10253},\n  year={2023}\n}\n```","# GPTFuzz 快速上手指南\n\n## 环境准备\n- **系统要求**：Python 3.8+\n- **前置依赖**：\n  ```bash\n  pip install -U torch transformers datasets\n  # 国内用户建议使用镜像源\n  pip install -U torch transformers datasets --index-url https:\u002F\u002Fpypi.tuna.tsinghua.edu.cn\u002Fsimple\n  ```\n\n## 安装步骤\n1. 克隆仓库：\n   ```bash\n   git clone https:\u002F\u002Fgithub.com\u002Fsherdencooper\u002FGPTFuzz.git\n   cd GPTFuzz\n   ```\n2. 安装依赖（参考 install.ipynb）：\n   ```bash\n   pip install -r requirements.txt\n   ```\n\n## 基本使用\n1. 运行示例脚本（需配置API密钥）：\n   ```bash\n   python example\u002Fgptfuzz.py\n   ```\n   - 默认使用ChatGPT作为变异模型攻击Llama-2-7B-chat\n   - 支持参数调整：`--temperature 0`（默认温度值）\n   - 需提前配置模型API访问权限\n\n2. 
自定义配置：\n   - 修改 `config.yaml` 中的模型参数\n   - 可通过 `--model` 指定目标模型（如: llama-2-7b-chat）","某安全团队在评估AI客服系统的安全性时，需要测试模型是否容易被绕过安全限制。  \n\n### 没有 GPTFuzz 时  \n- 手动设计测试用例耗时且覆盖不全，难以发现隐蔽的攻击路径  \n- 无法自动化生成针对不同模型的绕过提示，依赖人工经验判断  \n- 测试结果受提问方式影响大，同一问题在不同模型上表现差异显著  \n- 无法快速验证模型对多语言和复杂指令的防御能力  \n- 每次测试需反复调整参数，效率低下且易出错  \n\n### 使用 GPTFuzz 后  \n- 自动生成数百种攻击性提示，覆盖90%以上潜在漏洞场景  \n- 通过训练好的判断模型快速筛选高风险提示，测试效率提升10倍  \n- 对同类型问题在不同模型上的响应差异识别准确率提升至92%  \n- 支持多语言测试，成功发现中文模型未被记录的绕过方式  \n- 自动生成测试报告并标注风险等级，人工复核时间减少80%  \n\n核心价值在于通过自动化、智能化的测试手段，显著提升对大语言模型安全性的检测效率与准确性。","https:\u002F\u002Foss.gittoolsai.com\u002Fimages\u002Fsherdencooper_GPTFuzz_1a0f56d3.png","sherdencooper","Jiahao Yu","https:\u002F\u002Foss.gittoolsai.com\u002Favatars\u002Fsherdencooper_e1d7fa96.png",null,"jiahao.yu@northwestern.edu","https:\u002F\u002Fgithub.com\u002Fsherdencooper",[82,86,90],{"name":83,"color":84,"percentage":85},"Python","#3572A5",76.6,{"name":87,"color":88,"percentage":89},"Jupyter Notebook","#DA5B0B",18.4,{"name":91,"color":92,"percentage":93},"Shell","#89e051",5,575,81,"2026-03-30T13:46:37","MIT","Linux, macOS","需要 NVIDIA GPU，显存 8GB+，CUDA 11.7+","16GB+",{"notes":102,"python":103,"dependencies":104},"建议使用 conda 管理环境，首次运行需下载约 5GB 模型文件","3.8+",[105,106,107],"torch>=2.0","transformers>=4.30","accelerate",[26,13],"2026-03-27T02:49:30.150509","2026-04-06T06:46:04.495005",[112,117,121,126,131,135],{"id":113,"question_zh":114,"answer_zh":115,"source_url":116},4669,"如何模糊闭源LLM模型？","维护者提到需要配置OPENAI_API_BASE环境变量，使用支持OpenAI兼容API的模型。当前代码默认使用gpt-3.5-turbo，可通过设置环境变量指定目标模型。","https:\u002F\u002Fgithub.com\u002Fsherdencooper\u002FGPTFuzz\u002Fissues\u002F4",{"id":118,"question_zh":119,"answer_zh":120,"source_url":116},4670,"如何处理非英文LLM模型？","可使用机器翻译将英文提示转换为中文，或使用gpt4omini作为judge model。对于中文LLM，建议使用中文模板并结合高质量翻译工具。",{"id":122,"question_zh":123,"answer_zh":124,"source_url":125},4671,"如何使用微调的BERT作为judge 
model？","由于中文效果不佳，建议使用gpt4omini进行判断。微调的roberta不支持中文输入，需注意模型适配性。","https:\u002F\u002Fgithub.com\u002Fsherdencooper\u002FGPTFuzz\u002Fissues\u002F34",{"id":127,"question_zh":128,"answer_zh":129,"source_url":130},4672,"论文中的公式与代码不一致如何处理？","维护者解释+1和+0.01的区别，建议根据需求选择。+0.01可避免分母为零，但可能影响种子选择策略。","https:\u002F\u002Fgithub.com\u002Fsherdencooper\u002FGPTFuzz\u002Fissues\u002F31",{"id":132,"question_zh":133,"answer_zh":134,"source_url":116},4673,"代码中OpenAI模型硬编码的问题如何解决？","维护者提到正在开发分支中改进，用户可通过配置文件自定义API。当前需手动设置OPENAI_API_BASE环境变量。",{"id":136,"question_zh":137,"answer_zh":138,"source_url":139},4674,"如何修正论文中的错误？","维护者正在修订论文并调整代码，已计划增加更多消融实验和模块化改进。当前论文中提到的Generate算子尚未实现。","https:\u002F\u002Fgithub.com\u002Fsherdencooper\u002FGPTFuzz\u002Fissues\u002F1",[]]