Module 01: Offensive AI and AI System Hacking Methodology

• AI & ML Fundamentals
• AI Attack Surface and Threat Landscape (ATLAS-Aligned)
• AI Attack Taxonomy and Classification
• OWASP LLM and ML Top 10 (2025) – Overview & Mapping
• AI System Hacking Methodology
• Securing AI Systems – Foundations (Defensive Anchor)
• AI Security Governance and Compliance

Module 02: AI Reconnaissance and Attack Surface Mapping

• OSINT for AI Assets
• Tools and Techniques for AI OSINT
• Data & Training Pipeline Intel Gathering
• Mapping AI Attack Surfaces from OSINT
• Discovering AI Endpoints & Services
• AI API & Parameter Enumeration
• Model & Vector Store Enumeration
• Defensive – Reducing AI OSINT Exposure
• Defensive – Hardening Enumerated Surfaces
• AI Threat Intelligence & Continuous Monitoring

Module 03: AI-Specific Vulnerability Scanning and Fuzzing

• Fundamentals of AI Vulnerability Assessment
• Tools and Techniques for Vulnerability Scanning
• Fuzzing Techniques for AI Systems
• Defensive – Integrating Scanning & Fuzzing

Module 04: Prompt-Based and LLM Application Attacks

• LLM Architecture & Trust Boundaries
• Prompt Injection & Jailbreaking
• Sensitive Information Disclosure and System Prompt Leakage
• Improper Output Handling and Misinformation
• Advanced Prompt Attack Techniques
• Defensive – Secure LLM Application Design

Module 05: Adversarial Machine Learning and Model Privacy Attacks

• Adversarial ML Attacks
• Practical Adversarial Input Attacks
• Privacy & Model Extraction Attacks
• Evaluating Robustness & Trustworthiness
• Emerging Model Attack Techniques
• Defensive – Privacy & Robustness Mitigations

Module 06: Data and Training Pipeline Attacks

• Understanding AI Data & Training Pipelines
• Data Poisoning Attacks
• Backdoor / Trojan Attacks in Training Pipelines
• AI Supply Chain Attack Vectors
• Defensive – Securing Data & Training Pipelines

Module 07: Agentic AI and Model-to-Model Attacks

• Agentic AI Architecture & Attack Surface
• Excessive Agency & Autonomy
• Model-to-Model and Cross-LLM Attacks
• Unbounded Consumption and Denial of Wallet
• AI Workflow and Orchestration Attacks
• Defensive – Securing Agentic Applications

Module 08: AI Infrastructure and Supply Chain Attacks

• AI Infrastructure & Integration Landscape
• System and Framework Exploits
• Tool and API Abuse in AI Apps
• Supply Chain Threats (Deep Dive)
• Defensive – Hardening AI Infra & Supply Chain

Module 09: AI Security Testing, Evaluation, and Hardening

• AI Security Test & Evaluation Fundamentals
• Designing AI Security Test Plans
• Executing AI Security Tests
• Reporting, Assurance & Risk Management
• Defensive – Embedding T&E into MLOps/DevSecOps

Module 10: AI Incident Response, Forensics, and Capstone Red Team

• Detecting & Responding to AI-Specific Incidents
• Logging, Telemetry & Evidence Collection
• AI Forensics & Post-Incident Analysis
• Capstone: Full-Scope AI Red Team Engagement
• Course Wrap-Up & Professional Practice