The LLM Red Teaming Framework
Documentation | Vulnerabilities, Attacks, and Features | Getting Started | Confident AI
Deutsch | Español | français | 日本語 | 한국어 | Português | Русский | 中文
DeepTeam is a simple-to-use, open-source red teaming framework for LLM systems. Think of it as penetration testing, but for LLMs.
DeepTeam simulates attacks — jailbreaking, prompt injection, multi-turn exploitation, and more — to uncover vulnerabilities like bias, PII leakage, and SQL injection in your AI agents, RAG pipelines, and chatbots. It also offers guardrails to prevent these issues in production.
DeepTeam runs locally on your machine and is built on DeepEval, the open-source LLM evaluation framework.
[!IMPORTANT] Need a place for your red teaming results to live? Sign up to the Confident AI platform to manage risk assessments, monitor vulnerabilities in production, and share reports with your team.
Want to talk LLM security, need help picking attacks, or just to say hi? Come join our discord.
🔥 Vulnerabilities, Attacks, and Features
📐 50+ ready-to-use vulnerabilities (all with explanations) powered by ANY LLM of your choice. Each vulnerability uses LLM-as-a-Judge metrics that run locally on your machine to produce binary pass/fail scores with reasoning:
Data Privacy
- PII Leakage — disclosure of sensitive personal information
- Prompt Leakage — exposure of system prompt secrets and instructions
Responsible AI
- Bias — stereotypes and unfair treatment across gender, race, religion, politics
- [Toxicity](https://www.trydeep