Skip to content

Red-team strategy

FlipAttack

flip-attack

FlipAttack [Liu 2024]: flips the request (FWO/FCW/FCS/FMM) and pairs it with self-unflip 'Flipping Guidance' so the target reverses and answers it

YAML config

evalguard.config.yaml
redteam:
  strategies:
    - flip-attack

CLI

bash
# "flip-attack" is layered onto attacks during red-team scans.
# List every available encoding/obfuscation strategy:
evalguard list strategies
Combine with attack plugins to generate adversarial payloads. The strategy wraps each base payload before it's sent to your target, testing whether the model decodes / unwraps the transform and follows the embedded instruction.