Finding 0days with AI
For decades, many bug hunters and security pros have used manual testing, static analysis, and fuzzing to find vulnerabilities. Enter the age of AI. Many are skeptical, but when I look around I see mo
Jan 26, 202621 min read223
Command Palette
Search for a command to run...
#exploit
Articles tagged with #exploit
AwesomeBot meets Prompt Injection
Intro AwesomeBot is an awesome AI Chatbot! It was vibe coded from scratch to have a ton of awesome features without much security in mind so various attacks and offensive methods can be demonstrated. This series of blog posts serves as a way to under...
Jan 14, 20267 min read22
Docker Compose Provider Type Command Execution
SUMMARY Docker Compose allows arbitrary command execution when processing compose files with a provider.type field. The vulnerability occurs because Docker Compose by design executes any Provider Type as a binary/script on the host without validation...
Dec 12, 20255 min read51