Prompt Injection Attacks and Mitigations · Joseph Thacker
I recently participated as a panelist on a HackerOne press panel where there was a lot of discussion about AI and security. In preparation, I…
I’ve been theorizing and researching prompt injection attacks. They’ve mostly been theoretical, though. In this post, I’m going to break down and explain the best…
The saying “You’re the average of the five people you spend the most time with” is still true, but has been redefined by the digital world.…
Is generative AI output a novel creation or simple imitation? I’ve heard many people say that LLMs (and generative AI overall) don’t create new things.…
Explaining the benefits of hyping up your friends’ ideas. Amplify (ˈam·pləˌfī) verb: To make larger, greater, or stronger; enlarge; extend. Idea Amplification (īˈdēə ˌam·plə·fəˈkā·shən) noun:…
Bringing clarity to questions about Prompt Injection Security. Everyone loves talking about prompt injection, but the real impact to an application is often hard to…
Why LLMs don’t sound human, strategies to fix it, and real examples. I’ve talked to a lot of people that think it’s obvious when text…
As I mentioned in my last parenting post, I’m a hacker and bug bounty hunter. So, I spend a lot of my time improving myself…
If you don’t use vi/vim, you might not find this post very practical, but maybe it’ll convince you to try it out! I have been…
Welcome to the 10th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners.…
Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of…
Originally published in Security Magazine. When the pandemic hurled us into a cybersecurity crisis, there were some who held out hope that things would eventually…