My thoughts on hacking, ai, faith, and more.
© 2025 rez0.
I’ve been theorizing and researching prompt injection attacks. They’ve mostly been theoretical, though. In this post, I’m going to break down and explain the best self-contained proof of concept for how indirect prompt injection can lead to plugin-hijacking with severe consequences.
I recently participated as a panelist on a HackerOne press panel where there was a lot of discussion about AI and security. In preparation, I delved into the topic of prompt injection. In this post, I explore prompt injection risks and potential mitigations.
Over the past few weeks, I’ve been exploring the capabilities of ChatGPT on both GPT-3.5 and GPT-4. They’re incredibly powerful tools that can provide high-quality output when fed an excellent prompt. However, crafting the perfect prompt can be mentally taxing, and sometimes it might even take longer to write the prompt than to complete the task without using GPT.
For a healthy person in a first world country, the number of things we could do is near infinite. And yet, everyone spends 90% of their free time watching TV, Youtube, TikTok, or scrolling social media.
I’ve been using ChatGPT for lots of hacking or engineering tasks. It’s extremely useful and much faster than executing on similar tasks without it. The key is knowing when to use it. Here’s my thoughts on when to have it help and some awesome use-cases.
