BorealisAI/advertorch

PyTorch's adversarial toolbox, minus the TensorFlow baggage

A clean PyTorch-native library for generating and defending against adversarial examples, with correctness checks against established frameworks.

1.4k stars · Jupyter Notebook · ML Frameworks · LLMOps · Eval
Velocity (7d): +0.5 ★ / day · Trend: steady

What it does

AdverTorch is a PyTorch-first toolbox for adversarial robustness research. It bundles modules for generating adversarial perturbations and defending against them, along with scripts for adversarial training. The API is straightforward: instantiate an attack class like LinfPGDAttack, pass it your model and a loss function, then call perturb() on your clean data.

The interesting bit

The project validates its implementations against Foolbox and CleverHans, both established adversarial libraries, so you aren’t trusting correctness to vibes alone. That said, it’s PyTorch-native, which means no wrestling with TensorFlow session graphs if your stack is already torch-shaped.

Key highlights

  • Implements both attacks (e.g., PGD) and defenses in unified PyTorch modules
  • Ships with runnable notebooks: MNIST attack/defense tutorial and adversarial training script
  • pip install advertorch for standard install; editable mode supported
  • LGPL licensed, with an arXiv technical report for citation
  • ReadTheDocs documentation at advertorch.readthedocs.io

Caveats

  • FastFeatureAttack and JacobianSaliencyMapAttack currently fail correctness tests against the pinned CleverHans version; marked as skipped in pytest
  • Developed under Python 3.6 and PyTorch 1.0.0/0.4.1; newer PyTorch versions are on the “coming soon” list
  • TensorFlow support is planned but not yet implemented

Verdict

Worth a look if you’re doing adversarial robustness research in PyTorch and want battle-tested primitives without leaving your framework. Skip if you need TensorFlow today or require the two known-broken attack variants.
