Introduction AI agents are increasingly being connected to sensitive account-management workflows such as password resets, email changes, recovery flows, and support automation. That creates a new...

TL;DR In this blog, I’ll walk through a few vulnerabilities I found while testing Perplexity’s Comet and Chat: Summary template injection (Comet): I influenced the summarizer’s “visible conten...

Phishing LLMs is a thing, and I’m here to mess with email summarizers specifically. Call it AI red teaming, adversarial ML, or social engineering. I don’t care. I Jumped in the LLMail-inject CTF h...

Is Cybersecurity easy ? No! Is it hard? Not necessarily. It’s up to you to decide. Your approach and way of learning will determine whether cybersecurity feels easy or hard for you. Cybersecurity ...

Introduction I was inspired by @Frichette_n research about Cloudtrail bypasses and I didn’t find any material or talks discussing how we can attack Cloudtrail. I presented this research @BsidesAB...

TL:DR Hello Folks, I will share my writeup for the Scada Challenge. I hope you enjoy and benefit from the blog post. WatchTower Challenge Description Our infrastructure monitoring system detec...

Table of Content Introduction How to prepare for CRTE Useful blogs Lab Review Exam Should you go for it or not Introduction The purpose of this bl...

Definition : The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and m...

Introduction An active directory allows network administrators to manage domains, users, and objects in a respective network.  Now, as the network grows, the AD provides a way to organize large nu...

Summary : It’s Banking Application, you can receivce and transfer money with your account, to be able to get ViP access you should have 1.000.000$. Methodology : First thing came into my mind th...