Foolbox: Fast adversarial attacks to benchmark the robustness of machine learning models in PyTorch, TensorFlow, and JAX

Get Started →

Native Performance

Foolbox 3 is built on top of EagerPy and runs natively in PyTorch, TensorFlow, and JAX.

State-of-the-art attacks

Foolbox provides a large collection of state-of-the-art gradient-based and decision-based adversarial attacks.

Type Checking

Catch bugs before running your code thanks to extensive type annotations in Foolbox.

# What is Foolbox?

Foolbox is a Python library that lets you easily run adversarial attacks against machine learning models like deep neural networks. It is built on top of EagerPy (opens new window) and works natively with models in PyTorch (opens new window), TensorFlow (opens new window), and JAX (opens new window).

import foolbox as fb

model = ...
fmodel = fb.PyTorchModel(model)

attack = fb.attacks.LinfPGD()
epsilons = [0.0, 0.001, 0.01, 0.03, 0.1, 0.3, 0.5, 1.0]
advs, _, success = attack(fmodel, images, labels, epsilons=epsilons)