How to Hack AI Agents and Applications
I often get asked how to hack AI applications. There hadn’t been a...
Top Posts
Evergreen essays or posts that were particularly well received.
Root for Your Friends
Heads‑up: The concept of this post might seem trivial, but it can ...
The Agentic Hacking Era: Ramblings and a Tool
A few weeks ago I wrote about how AI is going to impact bug bounty. That post was mostly predictions. This one is about what’s actually happening right now.
AI's Impact on Software and Bug Bounty
I have a lot of thoughts on how AI will affect things, including bug bounty. And most of it is speculation, of course, but I have to put this out into the world because I want to know if this is correct in a year or two.
Hacking An AI Children's Toy: Remote Access to Every Conversation
My neighbor texted me the other day and said she’d pre-ordered two AI toys for her kids that supposedly used an LLM to dynamically generate content for talking to the child. This was super fascinating to me. I’ve always thought something like that seemed awesome as kids can ask questions about anything, and get contextual answers back.
Words I Live By
Over 10 years ago, I put together a self “liturgy” of sorts (basically just a prayer) that I love reading. It takes a bunch of my favorite verses but changes them to the first-person perspective. There’s something about first person that makes it much more powerful and personal. As you read this, I pray it encourages you greatly.
Prompt Injection Isn't a Vulnerability
OKAY. OKAY. OKAY. It can be a vulnerability. But it’s almost never the root cause.
