0d3cb498a3
CI / Shell Format Check (push) Has been cancelled
CI / Check Ruby (3.4) (push) Has been cancelled
CI / CI Config (push) Has been cancelled
CI / Test on Node ${{ matrix.node }} and ${{ matrix.os }}${{ matrix.shard && format(' (shard {0}/3)', matrix.shard) || '' }} (push) Has been cancelled
CI / Build on Node ${{ matrix.node }} (push) Has been cancelled
CI / Style Check (push) Has been cancelled
CI / Generate Assets (push) Has been cancelled
CI / Check Python (3.14) (push) Has been cancelled
CI / Check Python (3.9) (push) Has been cancelled
CI / Build Docs (push) Has been cancelled
CI / Code Scan Action (push) Has been cancelled
CI / Site tests (push) Has been cancelled
CI / webui tests (push) Has been cancelled
CI / Run Integration Tests (push) Has been cancelled
CI / Run Smoke Tests (push) Has been cancelled
CI / Go Tests (push) Has been cancelled
CI / Share Test (push) Has been cancelled
CI / Redteam (Production API) (push) Has been cancelled
CI / Redteam (Staging API) (push) Has been cancelled
CI / GitHub Actions Lint (push) Has been cancelled
CI / Check Ruby (3.0) (push) Has been cancelled
release-please / release-please (push) Has been cancelled
release-please / build (push) Has been cancelled
release-please / publish-npm (push) Has been cancelled
release-please / publish-npm-backfill (push) Has been cancelled
release-please / docker (push) Has been cancelled
release-please / publish-code-scan-action (push) Has been cancelled
release-please / attest-code-scan-action (push) Has been cancelled
Deploy local.promptfoo.app / Deploy to Cloudflare Pages (push) Has been cancelled
Test and Publish Multi-arch Docker Image / test (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-amd64 platform:linux/amd64 runner:ubuntu-latest]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-arm64 platform:linux/arm64 runner:ubuntu-24.04-arm]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / merge-docker-digests (push) Has been cancelled
Test and Publish Multi-arch Docker Image / Attest Multi-arch Image (push) Has been cancelled
Validate Renovate Config / Validate Renovate Configuration (push) Has been cancelled
89 lines
3.0 KiB
Markdown
89 lines
3.0 KiB
Markdown
---
|
|
sidebar_label: Burp Suite
|
|
description: Test LLM applications for jailbreak vulnerabilities by integrating Promptfoo's red teaming capabilities with Burp Suite Intruder for automated security scanning and testing
|
|
---
|
|
|
|
# Finding LLM Jailbreaks with Burp Suite
|
|
|
|
This guide shows how to integrate Promptfoo's application-level jailbreak creation with Burp Suite's Intruder feature for security testing of LLM-powered applications.
|
|
|
|
The end result is a Burp Suite Intruder configuration that can be used to test for LLM jailbreak vulnerabilities.
|
|
|
|

|
|
|
|
(In the above example, we've jailbroken the OpenAI API directly to return an unhinged response.)
|
|
|
|
## Overview
|
|
|
|
Burp Suite integration allows you to:
|
|
|
|
1. Generate adversarial test cases using Promptfoo's red teaming capabilities
|
|
2. Export these test cases in a format compatible with Burp Intruder
|
|
3. Use the test cases as payloads in Burp Suite for security testing
|
|
|
|
## Prerequisites
|
|
|
|
- Burp Suite Community Edition or Professional Edition
|
|
- Promptfoo installed (`npm install -g promptfoo`)
|
|
|
|
## Configuration Steps
|
|
|
|
### Option 1: Using the Web UI
|
|
|
|
If you've already run an evaluation with test cases, you can export them directly from the web UI:
|
|
|
|
1. Open the evaluation results in your browser
|
|
2. Click the "Evaluation Actions" > "Download" menu in the top right
|
|
3. Under "Advanced Options", click "Download Burp Suite Payloads"
|
|
|
|
This will generate a `.burp` file containing all unique test inputs from your evaluation, with proper JSON escaping and URL encoding.
|
|
|
|

|
|
|
|
### Option 2: Using the Command Line
|
|
|
|
First, generate adversarial test cases and export them in Burp format:
|
|
|
|
```bash
|
|
promptfoo redteam generate -o payloads.burp --burp-escape-json
|
|
```
|
|
|
|
:::tip
|
|
The `--burp-escape-json` flag is important when your payloads will be inserted into JSON requests. It ensures that special characters are properly escaped to maintain valid JSON syntax.
|
|
:::
|
|
|
|
#### Import into Burp Intruder
|
|
|
|
1. In Burp Suite, intercept a request to your LLM-powered endpoint
|
|
2. Right-click and select "Send to Intruder"
|
|
3. In the Intruder tab:
|
|
- Set attack type (usually "Sniper" or "Pitchfork")
|
|
- Mark the injection points where you want to test the payloads
|
|
- Go to the "Payloads" tab
|
|
- Click "Load" and select your `payloads.burp` file
|
|
4. Under "Payload processing", enable URL-decoding (promptfoo's .burp output is URL-encoded to support multi-line payloads)
|
|
|
|

|
|
|
|
#### Example Configuration
|
|
|
|
Here's an example of generating targeted test cases. In `promptfooconfig.yaml`:
|
|
|
|
```yaml
|
|
redteam:
|
|
plugins:
|
|
- harmful
|
|
strategies:
|
|
- jailbreak
|
|
- jailbreak:composite
|
|
- jailbreak-templates
|
|
```
|
|
|
|
Generate Burp-compatible payloads:
|
|
|
|
```bash
|
|
promptfoo redteam generate -o payloads.burp --burp-escape-json
|
|
```
|
|
|
|
This will create a file with payloads ready for use in Burp Intruder.
|