AI-101 Setup Guide

Complete this before your first lab session. Setup takes about 90 minutes for a clean machine.


1. Python Environment

AI-101 labs use Python 3.10 or later. Verify your install:

python3 --version   # must be 3.10+
pip3 --version

If absent, install via your OS package manager or pyenv:

# Ubuntu/Debian
sudo apt update && sudo apt install python3.12 python3.12-venv python3-pip -y

# macOS (Homebrew)
brew install python@3.12

Create a dedicated virtual environment for the course:

mkdir ~/ai101-labs && cd ~/ai101-labs
python3 -m venv venv
source venv/bin/activate   # Windows: venv\Scripts\activate
pip install --upgrade pip

2. Core Python Packages

pip install openai anthropic langchain langchain-openai tiktoken \
            requests httpx python-dotenv rich

Verify:

python3 -c "import openai, anthropic, langchain; print('OK')"

3. API Keys

You need at least one of the following. Both are recommended -- different providers expose different behaviors, which matters for the comparison exercises.

OpenAI

  1. Create an account at platform.openai.com
  2. Navigate to API Keys; generate a new key
  3. Add $5-10 credit (the Module 1 lab is explicitly cost-disciplined; 10 prompts cost fractions of a cent)

Anthropic

  1. Create an account at console.anthropic.com
  2. Navigate to API Keys; generate a new key
  3. Add $5 credit

Store keys in ~/.env (never commit this file):

cat > ~/.env << 'EOF'
OPENAI_API_KEY=sk-...
ANTHROPIC_API_KEY=sk-ant-...
EOF
chmod 600 ~/.env

Load in Python:

from dotenv import load_dotenv
import os
load_dotenv(os.path.expanduser("~/.env"))
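
A check for the key file described above, added here as an example and not part of the course material: it flags a ~/.env that group or other users can access, one that sits inside a git work tree, or one that still holds only the sk-... placeholders. The function names are this example's own, and the permission check assumes a POSIX system.

```python
import stat
from pathlib import Path

REQUIRED_ANY = ("OPENAI_API_KEY", "ANTHROPIC_API_KEY")  # variable names from this guide


def parse_env(text):
    """Parse KEY=VALUE lines; skip blanks and comments, accept an 'export ' prefix."""
    values = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key = key.strip().removeprefix("export ").strip()
        values[key] = value.strip().strip("'\"")
    return values


def in_git_worktree(path):
    """True if any parent directory holds a .git entry, so the file could be committed."""
    return any((parent / ".git").exists() for parent in Path(path).resolve().parents)


def audit_env_file(path):
    """Return a list of findings; an empty list means the file passes."""
    path = Path(path).expanduser()
    if not path.is_file():
        return [f"{path}: missing"]
    findings = []
    mode = stat.S_IMODE(path.stat().st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:03o} lets group/other access; run chmod 600")
    if in_git_worktree(path):
        findings.append("inside a git work tree; add it to .gitignore")
    values = parse_env(path.read_text())
    # A key counts only if it is set and is not the guide's 'sk-...' placeholder.
    usable = [k for k in REQUIRED_ANY if values.get(k) and not values[k].endswith("...")]
    if not usable:
        findings.append("no usable key: set " + " or ".join(REQUIRED_ANY))
    return findings  # key values are never copied into the findings


if __name__ == "__main__":
    for finding in audit_env_file("~/.env") or ["~/.env: OK"]:
        print(finding)
```
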

4. Ollama (Local Model Serving)

Ollama is required for Lab 2 (prompt injection against a local model where you control the system prompt).

# Linux/macOS one-liner
curl -fsSL https://ollama.ai/install.sh | sh

# Verify
ollama --version

# Pull the course model (llama3.2:3b is the lightest viable option; ~2 GB)
ollama pull llama3.2:3b

# Smoke test
ollama run llama3.2:3b "Respond with just: hello"

GPU not required. llama3.2:3b runs on CPU at acceptable speed for injection labs.


5. HuggingFace Libraries (Lab 4)

pip install transformers safetensors huggingface_hub datasets

HuggingFace account (free) needed for Lab 4 model-card audit:

huggingface-cli login   # enter your HF token when prompted

6. LangChain Agent Stack (Labs 2, 6, 8)

pip install langchain langchain-community langchain-openai \
            langchain-anthropic langgraph

Verify LangChain version (Lab 8 needs >= 1.0.7 for the patched CVE-2025-65106 behavior; the lab also installs a pinned vulnerable version into an isolated venv):

python3 -c "import langchain; print(langchain.__version__)"

7. Burp Suite Community

Burp is used in Lab 4 to intercept HuggingFace Hub API calls and examine model-card downloads.

  • Download from portswigger.net/burp/communitydownload
  • Install per platform; no license required for Community edition
  • Smoke test: launch Burp, open Proxy tab, confirm it listens on 127.0.0.1:8080

8. Cloud-GPU Pathway (Lab 5)

Lab 5 (poisoned fine-tune detection) needs ~4 GB GPU RAM. Three free options:

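| Platform           | GPU                                          | Free quota  | Recommended |
|--------------------|----------------------------------------------|-------------|-------------|
| Google Colab       | T4 (15 GB)                                   | ~2-4 hr/day | Yes         |
| Kaggle Kernels     | T4 (30 hr/week)                              | 30 hr/week  | Yes         |
| HuggingFace Spaces | CPU-only (free) / T4 Spaces (paid $0.60/hr)  | Limited     | Backup      |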

Sign into Colab at colab.research.google.com and run:

!nvidia-smi   # should show T4 or similar

9. Pyodide In-Browser Workbench

Most labs run directly in the portal workbench. Navigate to the lab page, find the embedded Pyodide REPL, and run the provided starter code. No local install needed for these labs.

Pre-flight the workbench before Module 1:

  1. Navigate to portal.virtuscyberacademy.org/ai-101/
  2. Open Lab 1
  3. Run in the REPL: import sys; print(sys.version)
  4. Expected output: Python 3.12.x (Pyodide ...)

If the REPL does not load, disable browser extensions and try a private window.


10. garak (Lab 7.5)

NVIDIA garak is an LLM vulnerability scanner. Install into the course venv:

pip install garak
garak --version   # expect 0.15.x or later

Smoke test against Ollama:

garak -m ollama -n llama3.2:3b --probes promptinject.HijackHateHuman

This runs a single probe; expect output showing the attempt log and a pass/fail result. A complete run against all 50+ probes takes 10-30 minutes and is part of Lab 7.5.


11. Microsoft PyRIT (Lab 7.5)

pip install pyrit
python3 -c "import pyrit; print(pyrit.__version__)"

PyRIT needs an OpenAI or Azure OpenAI key (uses GPT-4 as the attack orchestrator). The Anthropic key works via PyRIT's multi-provider config; see Lab 7.5 for setup.


12. Readiness Checklist

Before starting Module 1, verify:

  • python3 --version returns 3.10+
  • import openai, anthropic, langchain runs without error
  • At least one API key in ~/.env
  • ollama run llama3.2:3b "hello" returns output
  • Colab GPU available (!nvidia-smi shows GPU)
  • Burp Suite launches and listens on 8080
  • Portal workbench Pyodide REPL prints Python version
  • garak --version prints 0.15+
  • import pyrit succeeds

If you cannot complete items 1-4, you cannot proceed past Module 2. Items 5-9 are needed by Module 5 and later.


Prerequisite Check

Answer these before requesting Module 1 access:

  1. Can you write a Python function and call it? (If no: complete a Python basics module first.)
  2. Do you understand what an HTTP request and response are? (If no: NET-101 or SEC-101 HTTP primer.)
  3. Can you intercept HTTP with Burp Suite Community? (If no: SEC-101 Burp module.)