How to Jailbreak LLMs One Step at a Time: Top Techniques and Strategies

Large language models (LLMs) are typically programmed with safeguards to prevent generating harmful, biased, or restricted content. However, jailbreaking techniques manipulate the model into circumventing these constraints, producing responses that would otherwise be blocked. There are three main categories of LLM jailbreaking: token-level, prompt-level, and dialogue-based. Prompt-level jailbreaking relies exclusively on human-crafted prompts designed to exploit model vulnerabilities, while token-level jailbreak methods optimize the raw sequence of tokens fed into the LLM to elicit responses that violate the model's intended behavior. Dialogue-based jailbreaking surpasses both token-based and prompt-based methods by being scalable, effective, and interpretable. DeepEval is an open-source LLM evaluation framework that red teams your LLM for over 40+ vulnerabilities using jailbreaking strategies.