> ## Documentation Index
> Fetch the complete documentation index at: https://rootea.es/llms.txt
> Use this file to discover all available pages before exploring further.

# LLM Attacks (Prompt Injection)

> Recursos cross-platform para LLM Attacks (Prompt Injection): máquinas HTB, labs PortSwigger y rooms TryHackMe curados, con writeups validados y skills relacionadas.

# LLM Attacks (Prompt Injection)

Esta página agrega los **recursos para practicar LLM Attacks (Prompt Injection)** de forma cross-platform: máquinas retiradas de Hack The Box, labs de PortSwigger Web Security Academy y rooms de TryHackMe, más recursos curados (HackTricks, PortSwigger, etc.) y skills relacionadas.

## Recursos curados

| Fuente      | Enlace                                                                                               |
| ----------- | ---------------------------------------------------------------------------------------------------- |
| PortSwigger | [https://portswigger.net/web-security/llm-attacks](https://portswigger.net/web-security/llm-attacks) |

## Labs PortSwigger que practican LLM Attacks (Prompt Injection) (8)

| Lab                                                                                                                                                                                                     | Dificultad                                                 | Topic       | Oficial                                                                                                                                                            |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| [Exploiting AI agents to exfiltrate sensitive information](/portswigger/labs/llm-attacks/ai-powered-scanner-vulnerabilities-sensitive-information-exfiltration)                                         | <span className="dbadge dbadge-easy">APPRENTICE</span>     | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/ai-powered-scanner-vulnerabilities/lab-sensitive-information-exfiltration)                                |
| [Exploiting AI agents to perform destructive actions](/portswigger/labs/llm-attacks/ai-powered-scanner-vulnerabilities-indirect-prompt-injection-via-ai-powered-scan)                                   | <span className="dbadge dbadge-easy">APPRENTICE</span>     | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/ai-powered-scanner-vulnerabilities/lab-indirect-prompt-injection-via-ai-powered-scan)                     |
| [Exploiting insecure output handling in LLMs](/portswigger/labs/llm-attacks/exploiting-insecure-output-handling-in-llms)                                                                                | <span className="dbadge dbadge-easy">APPRENTICE</span>     | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/lab-exploiting-insecure-output-handling-in-llms)                                                          |
| [Exploiting LLM APIs with excessive agency](/portswigger/labs/llm-attacks/exploiting-llm-apis-with-excessive-agency)                                                                                    | <span className="dbadge dbadge-easy">APPRENTICE</span>     | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/lab-exploiting-llm-apis-with-excessive-agency)                                                            |
| [Bypassing AI scanner defenses to exfiltrate sensitive information](/portswigger/labs/llm-attacks/ai-powered-scanner-vulnerabilities-bypassing-ai-scanner-defenses-to-exfiltrate-sensitive-information) | <span className="dbadge dbadge-medium">PRACTITIONER</span> | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/ai-powered-scanner-vulnerabilities/lab-bypassing-ai-scanner-defenses-to-exfiltrate-sensitive-information) |
| [Exploiting AI agents to trigger secondary vulnerabilities](/portswigger/labs/llm-attacks/ai-powered-scanner-vulnerabilities-exploiting-target-website-vulnerabilities-to-bypass-restrictions)          | <span className="dbadge dbadge-medium">PRACTITIONER</span> | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/ai-powered-scanner-vulnerabilities/lab-exploiting-target-website-vulnerabilities-to-bypass-restrictions)  |
| [Exploiting vulnerabilities in LLM APIs](/portswigger/labs/llm-attacks/exploiting-vulnerabilities-in-llm-apis)                                                                                          | <span className="dbadge dbadge-medium">PRACTITIONER</span> | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/lab-exploiting-vulnerabilities-in-llm-apis)                                                               |
| [Indirect prompt injection](/portswigger/labs/llm-attacks/indirect-prompt-injection)                                                                                                                    | <span className="dbadge dbadge-medium">PRACTITIONER</span> | LLM Attacks | [Abrir](https://portswigger.net/web-security/llm-attacks/lab-indirect-prompt-injection)                                                                            |

## Rooms TryHackMe que practican LLM Attacks (Prompt Injection) (2)

| Room                                                       | Dificultad                                       | Tipo        | Acceso  | Oficial                                               |
| ---------------------------------------------------------- | ------------------------------------------------ | ----------- | ------- | ----------------------------------------------------- |
| [Advent of Cyber 2024](/tryhackme/rooms/adventofcyber2024) | <span className="dbadge dbadge-easy">EASY</span> | Walkthrough | 🟢 Free | [Abrir](https://tryhackme.com/room/adventofcyber2024) |
| [CupidBot](/tryhackme/rooms/lafb2026e6)                    | <span className="dbadge dbadge-easy">EASY</span> | Challenge   | 🟢 Free | [Abrir](https://tryhackme.com/room/lafb2026e6)        |

***

← [Volver al glosario completo](/glosario)

<script type="application/ld+json">
  {`{"@context":"https://schema.org","@type":"DefinedTerm","name":"LLM Attacks (Prompt Injection)","termCode":"llm-attacks","inLanguage":"es","url":"https://rootea.es/skills/llm-attacks","inDefinedTermSet":{"@type":"DefinedTermSet","name":"Glosario táctico de pentesting","url":"https://rootea.es/glosario"}}`}
</script>

*Última actualización: 2026-05-09*
