The PromptInjects blog

Learn prompt injection by doing it.

Short, hands-on guides to AI security — how the attacks actually work, how to run a CTF in a room, and the OWASP LLM Top 10 explained by example. Every post embeds a live challenge you can try right there. New post monthly.

Fundamentals

How prompt injection works (with a game you can try)

The #1 risk on the OWASP LLM Top 10, explained from first principles — then a live AI you can break in your browser to feel exactly why it happens.

Read the post →
Coming next

Run an AI hacking CTF at your next meetup — a 10-minute guide

From an empty slide to a room full of people racing to break an AI, with a big-screen leaderboard. The exact setup, timing, and emcee tips.

Coming next

OWASP LLM Top 10, explained by example

Each risk, shown with a small, breakable demo instead of a definition. The fastest way for a security team to internalize the list.

Prefer to just play?

Skip the reading — break an AI now.

Every open challenge is free and needs no login. Pick one, talk it into leaking its flag, and climb the leaderboard.

Browse challenges

Free to play · No login · Works on any phone