增加两篇文章：大模型供应链安全及在pentest中的应用

SEC-CAFE · Nov 8, 2024 · 95efc65 · 95efc65
1 parent 63e0973
commit 95efc65
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/content/security_research/ai_security/ai_used_in_security.md b/content/security_research/ai_security/ai_used_in_security.md
@@ -43,6 +43,7 @@ keywords:
 - [Hacking and Bug Bounty AI-Powered Prompt Generation and A Few Notes on Agentic Hacking Systems](https://becomingahacker.org/hacking-and-bug-bounty-ai-powered-prompt-generation-and-a-few-notes-on-hacking-agentic-systems-a569e4511199)
 - [APOLLO：一种基于 GPT 的用于检测钓鱼邮件并生成警告用户的解释的工具](https://mp.weixin.qq.com/s/w-Rshy1GR3MZY4ca4bsrVQ)
 - [LLMs在供应链投毒检测中的应用](https://mp.weixin.qq.com/s/Dek0AdFNxf_C-q5pLX3ktw)
+- [AutoPT: How Far Are We from the End2End Automated Web Penetration Testing?](https://arxiv.org/html/2411.01236v1)
 
 ## 安全运营与响应
 - [智能驱动｜ChatGPT视角下的告警事件闭环响应](https://www.freebuf.com/articles/network/396552.html)

diff --git a/content/security_research/ai_security/llm_security/attack.md b/content/security_research/ai_security/llm_security/attack.md
@@ -29,6 +29,7 @@ keywords:
 - [实战解读：Llama Guard 3 & Prompt Guard](https://mp.weixin.qq.com/s/jgwn_o0EUmvtNUhGswCDng)
 - [AI安全漏洞全曝光：从案例到生命周期的深度解析|英国综述性报告《Cyber Security to AI》](https://mp.weixin.qq.com/s/vK1YihXeY2B_Tgdts_A0iA)
 - [微软安全大模型的应用架构](https://mp.weixin.qq.com/s/WjYraQpk_URpq4GO-r4cFw)
+- [Large Language Model Supply Chain: Open Problems From the Security Perspective](https://arxiv.org/html/2411.01604)
 
 
 ## 测试框架与方法
@@ -60,7 +61,6 @@ keywords:
 - [老树开新花：大模型时代的代码执行沙箱](https://mp.weixin.qq.com/s/X54d0foyBS56lGFUPyOvTw)
 - [[CCS 2024]中国科学院信息工程研究所：LLMSMITH——揭秘LLMs集成框架与应用中的RCE漏洞](https://mp.weixin.qq.com/s/cxVZ_8UG0SbMq_3XJee1cQ)
 
-
 ## 模型及算法安全
 - [人工智能安全治理框架解读——模型算法安全风险及应对篇](https://mp.weixin.qq.com/s/1WU7ZHrVSk1QBffsXx-qaw)