Bug Bytes #212 – XSS Payloads, IDOR prediction and Cloud Security
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
Category: Mix
The Journey Back to My Name · Joseph Thacker
How and why I moved rez0.blog to josephthacker.com The story of josephthacker.com Back in college, I bought the domain josephthacker.com for something like 20 dollars.…
Learn the 3 Key Principles at Kong API Summit 2023
In an era where APIs (Application Programming Interfaces) are the lifeblood of digital interactions, the need for robust API security has never been more critical. …
What Hiring Managers Want, CVE Farming, Hunt Forward Operations, and AI vs. B2B Services
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
DOM Invader and the case of direct eval vs indirect eval | Blog
Gareth Heyes | 25 September 2023 at 14:00 UTC What is DOM Invader? DOM Invader is a browser extension that makes it easy to find…
Turbocharge ChatGPT With A Metaprompter · Joseph Thacker
Over the past few weeks, I’ve been exploring the capabilities of ChatGPT on both GPT-3.5 and GPT-4. They’re incredibly powerful tools that can provide high-quality…
Prompt Injection Attacks and Mitigations · Joseph Thacker
I recently participated as a panelist on a HackerOne press panel where there was a lot of discussion about AI and security. In preparation, I…
Explaining the Best Prompt Injection Proof of Concept · Joseph Thacker
I’ve been theorizing and researching prompt injection attacks. They’ve mostly been theoretical, though. In this post, I’m going to break down and explain the best…
A New Take on an Old Saying · Joseph Thacker
The saying “You’re the average of the five people spend the most time with” is still true, but has been redefined by the digital world.…
Can LLMs Create New Things? · Joseph Thacker
Is generative AI output a novel creation or simple imitation? I’ve heard many people say that LLMs (and generative AI overall) don’t create new things.…
Be a Hype Man For Your Friends · Joseph Thacker
Explaining the benefits of hyping up your friends’ ideas. Amplify (ˈam·pləˌfī) verb: To make larger, greater, or stronger; enlarge; extend. Idea Amplification (īˈdēə ˌam·plə·fəˈkā·shən) noun:…
The Prompt Injection Primer · Joseph Thacker
Bringing clarity to questions about Prompt Injection Security Everyone loves talking about prompt injection, but the real impact to an application is often hard to…