#red-teaming

Context Drift: How I Talked AI Agents Into Giving Up Their Secrets

I've been thinking a lot about how we talk to AI agents and what happens when the conversation goes long enough. Not in a theoretical sense -- I spent about 10 hours in a single session with Pulumi's Neo agent, and somewhere around hour three, someth...

Feb 1311 min read

BMBiswadeb Mukherjeeblogs.official-biswadeb941.in

Understanding the Modern Recon Approach in Offensive Security

Reconnaissance has always been the foundation of offensive security. Before exploitation, before payloads, before privilege escalation, there is recon. What has changed is not the importance of recon, but its nature. The image above represents a new ...

Jan 296 min read

DSDaniel Scraggdscragg.com

Opinions of a CRTSv2 graduate.

On the 15th of January at 11pm (UTC+2), I took the CRTSv2 exam, and by 1:45am the next day, I had sent my exam report to be graded — that’s 2 hours and 45 minutes. I was quite happy with that, but maybe the exam is just easier than advertised… I boug...

Jan 265 min read

AArqamarqam.hashnode.dev

Hack Responsibly: An Intro to Ethical Hacking & Red Teaming

Offensive security is the practice of thinking and acting like an attacker — but with permission. It’s about finding the weak spots an adversary would exploit, then fixing them before anyone with bad intent finds them first. I know some people will s...

Sep 16, 20253 min read

YKYoussef Ketajstarter-kit-xi-seven.vercel.app

Techniques de Living-off-the-Land avec PowerShell et WMI : L'Art de l'Exploitation Furtive

Les techniques de Living-off-the-Land (LotL) représentent aujourd'hui l'une des méthodes d'attaque les plus sophistiquées et insidieuses dans le domaine de la cybersécurité. Ces techniques exploitent les outils légitimes déjà présents sur les système...

Sep 13, 202512 min read

BSBornov Shyam Kalitacipherslog.hashnode.dev

Cipher’s Log #5: The End of the Beginning

I thought I’d post after learning web basics. But then I kept going.I figured—why stop at the gate when the whole castle is in sight? Yeah… it’s been a minute. This blog was supposed to drop right after I finished the basics of web exploitation. That...

Jul 12, 20254 min read

MDMuralidharan Deenathayalanblogs.codingfreaks.net

The Importance of Red Teaming for AI and Machine Learning Models

AI models are getting better every day—but there are people try to break them. And if you’ve ever deployed a model into the wild, you probably already know: what works in the lab doesn’t always hold up under real-world pressure. 👉That’s where red te...

May 19, 20253 min read

Bb1d0wsb1d0ws.hashnode.dev

ReDoS: O Denial of Service que Mora na sua Regex

Introdução Esses dias descobri que cerca de 5% das vulnerabilidades de segurança em aplicações Node.js são causadas por ReDoS e isso me surpreendeu. Também conhecido como Regular Expression Denial of Service, o ReDoS é um tipo de vulnerabilidade que ...

Apr 22, 202511 min read

MMMojtaba Malekimojtabamaleki.hashnode.dev

Red Teaming LLM Applications

Red Teaming LLM Applications: A Weekend Learning Journey This weekend, I dove into the fascinating world of Red Teaming LLM Applications. In my exploration, I learned how to use large language models (LLMs) not only for regular tasks but also to stre...

Mar 24, 20255 min read

ATAnshul Tiwaricsanshul.hashnode.dev

MITRE ATT&CK® framework

Lets understand MITRE ATT&CK framework in simple way. What is MITRE ATT&CK ? It was developed and released by MITRE Corporation.A non-profit organization in 2015.Acronym ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge.It acts a...

Sep 8, 20241 min read

Tag feed

Tag feed

#red-teaming

Context Drift: How I Talked AI Agents Into Giving Up Their Secrets