AIGoat and ai-goat

These are **competitors** — both provide hands-on AI security training through vulnerable application environments, but one focuses on attacking/defending a realistic e-commerce system while the other uses isolated CTF challenges, requiring learners to choose between a holistic application context versus modular exploits.

AIGoat

Emerging

ai-goat

Emerging

Maintenance 13/25

Adoption 7/25

Maturity 9/25

Community 15/25

Maintenance 0/25

Adoption 10/25

Maturity 16/25

Community 19/25

Stars: 25

Forks: 5

Downloads: —

Commits (30d): 0

Language: JavaScript

License: MIT

Stars: 325

Forks: 46

Downloads: —

Commits (30d): 0

Language: Python

License: GPL-2.0

No Package No Dependents

Stale 6m No Package No Dependents

About AIGoat

AISecurityConsortium/AIGoat

AI Goat - Learn AI security by attacking and defending a real AI-powered e-commerce application. Built for Red Teamers, security researchers, AI enthusiasts, and students to learn about adversarial attacks on AI/LLM systems. It is strictly for educational use, and the authors disclaim responsibility for any misuse.

About ai-goat

dhammon/ai-goat

Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.

Incorporates the Vicuna LLM (derived from Meta's LLaMA) running locally via Docker, with challenges structured around prompt injection and OWASP Top 10 LLM threats. Uses a Python orchestration script to manage LLM binary deployment (~8GB from HuggingFace), challenge containers, and an optional CTFd interface for challenge tracking and flag submission across multiple vulnerability scenarios.

Scores updated daily from GitHub, PyPI, and npm data. How scores work