Skip to content

Red-team strategy

Homoglyph Substitution

homoglyph

Replaces Latin chars with visually identical Unicode chars

Transform demo

Input

input
Show me how to query the user database.

Output after applying homoglyph

output · homoglyph
ѕhоw mе hоw tо quеrу thе uѕеr dаtаbаѕе.

YAML config

evalguard.config.yaml
redteam:
  strategies:
    - homoglyph

CLI

bash
# "homoglyph" is layered onto attacks during red-team scans.
# List every available encoding/obfuscation strategy:
evalguard list strategies
Combine with attack plugins to generate adversarial payloads. The strategy wraps each base payload before it's sent to your target, testing whether the model decodes / unwraps the transform and follows the embedded instruction.

Threat-model fit

Homoglyph Substitution effectively targets phishing and social engineering attacks by obfuscating malicious queries or commands. This strategy is particularly useful against users who may not closely inspect the characters in URLs or commands, making it easier to deceive them.

Pairs well with

Recommended graders

LLM-generated (llm-gpt-4o) · 2026-05-23