
Posts by harisec

Security Research in the Age of AI Tools Learn how AI tools can support security researchers in investigating vulnerabilities and designing security checks to detect them.

I wrote a blog post about how I use Claude Code (and other models) in my work: invicti.com/blog/securit...

4 months ago 8 3 0 0
Security Issues in Vibe-Coded Web Apps: Analysis, Vulnerabilities, Scanning Learn about common security issues in AI-generated software, based on an analysis of over 20,000 vibe-coded web apps.

I generated 20k vibe-coded web applications using various models via the OpenRouter API and analyzed them for security issues.
The apps are available for download if anyone wants to take a look.
www.invicti.com/blog/securit...

5 months ago 6 2 0 0
LLM Tool Usage Security Learn how attackers can exploit LLM tool usage and MCP servers, why this expands the attack surface, and how automated DAST scanning strengthens LLM security in web applications.

I wrote a blog post about enumerating and testing tool usage in web applications that use LLMs:
www.invicti.com/blog/securit...

6 months ago 4 2 0 0
Teaching LLMs how to XSS - An introduction to fine-tuning and reinforcement learning (using your own GPU)

Here are the slides from my @tumpicon.org talk: Teaching LLMs how to XSS - An introduction to fine-tuning and reinforcement learning (using your own GPU)
docs.google.com/presentation...

9 months ago 19 6 0 0
First Tokens: The Achilles’ Heel of LLMs The Assistant Prefill feature available in many LLMs can open up models to jailbreaking, including the possibility of persistent prefills to bypass LLM safety alignments.

The article: www.invicti.com/blog/securit...

1 year ago 11 1 2 0

I wrote an article about how it's possible to use Assistant Prefill to jailbreak LLMs (Large Language Models).

Here is an example of the latest model from Microsoft (Phi-4) writing a phishing email:

1 year ago 4 1 1 0
From Pegasus to Predator - The evolution of Commercial Spyware on iOS My talk explores the trajectory of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024. The talk will ...

My favorite talk from #38c3: From Pegasus to Predator - The evolution of Commercial Spyware on iOS - media.ccc.de/v/38c3-from-...

1 year ago 8 0 0 0

Great paper from Orange Tsai about unicode transformations: worst.fit/assets/EU-24...

1 year ago 12 4 0 0
OpenAI o3 Breakthrough High Score on ARC-AGI-Pub OpenAI o3 scores 75.7% on ARC-AGI public leaderboard.

The OpenAI o3 model just achieved unbelievable scores (75% and 87%) on ARC-AGI; the previous models made a maximum of 20%, and humans make around 85%. arcprize.org/blog/oai-o3-...

1 year ago 3 1 0 0
Scaling test-time compute - a Hugging Face Space by HuggingFaceH4 Discover amazing ML apps made by the community

Must read if you are interested in test-time compute: huggingface.co/spaces/Huggi...

1 year ago 2 0 0 0
Scaling Laws – O1 Pro Architecture, Reasoning Training Infrastructure, Orion and Claude 3.5 Opus “Failures” There has been an increasing amount of fear, uncertainty and doubt (FUD) regarding AI Scaling laws. A cavalcade of part-time AI industry prognosticators have latched on to any bearish narrative the…

Great read: semianalysis.com/2024/12/11/s...

1 year ago 5 1 0 0
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at Flatt Security Inc. A few days ago, I was upgrading my home lab network, and I decided to upgrade the OpenWrt on my router. After ac...

If you're interested in the technical details, I wrote the blog post here: flatt.tech/research/pos...

For further details, please check out the announcement from the OpenWrt team: lists.openwrt.org/pipermail/op... (2/2)

1 year ago 17 8 0 1
Remote Code Execution with Spring Boot 3.4.0 Properties | Snyk This article introduces two methods for leveraging Logback configuration to achieve Remote Code Execution (RCE) in Spring Boot applications. These techniques are effective on the latest version of Spr...

Here is a great follow-up blog post, written by Elliot Ward, to my blog post Remote Code Execution with Spring properties: snyk.io/articles/rem...

1 year ago 20 7 0 0
transliterate.js Translate any JavaScript code to foreign writing systems. Created by Martin Kleppe aka @aemkei.

Pro tip for when you have XSS but can only use upper case:

aem1k.com/transliterat...

transliterate.js by @aemkei.bsky.social works great!

1 year ago 21 6 0 0
DeepSeek AI: From Prompt Injection To Account Takeover · Embrace The Red This post discusses how I found and responsibly disclosed a Cross Site Scripting in DeepSeek and it was possible to trigger it via Prompt Injection to achieve complete account takeover. The issue was ...

embracethered.com/blog/posts/2...

1 year ago 12 2 0 0

Starter packs

1 year ago 3 0 0 0

FYI, here's the entire code to create a dataset of every single bsky message in real time:

```python
from atproto import FirehoseSubscribeReposClient, parse_subscribe_repos_message

# Called for every raw firehose frame; the frame itself must be passed to the parser.
def f(m):
    print(m.header, parse_subscribe_repos_message(m))

FirehoseSubscribeReposClient().start(f)
```

1 year ago 441 62 19 10

As most people know, it's trivial to save all the bsky posts.

1 year ago 1 0 0 0

A librarian that previously worked at the British Library created a relatively small dataset of bsky posts, hundreds of times smaller than previous researchers, to help folks create toxicity filters and stuff.

So people bullied him & posted death threats.

He took it down.

Nice one, folks.

1 year ago 583 59 28 11
An SVG of a pelican riding a bicycle. It's quite abstract. The bicycle is two half circles and a simple frame. The pelican is sky blue with spread wings and a curved neck leading to a small head. It has definite pelican vibes.

qwq is a new openly licensed LLM from Alibaba Cloud's Qwen team. It's an attempt at the OpenAI o1 "reasoning" trick that runs on my Mac (20GB download) via Ollama... and it's pretty good!

My detailed notes here: simonwillison.net/2024/Nov/27/... - here's its attempt at an SVG pelican riding a bicycle.

1 year ago 83 10 4 1

Interesting, I've been playing with URLTeam as well, but for other purposes; there is definitely a lot of noise. That's basically my main problem: how to filter out the noise. I have not found a solution so far.

1 year ago 0 0 0 0

Made a NotebookLM podcast about this, from a few .ro articles, if people are interested: notebooklm.google.com/notebook/742...

1 year ago 0 0 0 0

I'm from Romania. TikTok is hugely popular here: we have over 8.9 million TikTok users (out of a total population of 19 million). Many influencers were paid to promote TikTok tags (like #echilibrușiverticalitate - this one received 2.4 million views) that were later used to promote Calin Georgescu.

1 year ago 2 0 1 0
Common Crawl - Open Repository of Web Crawl Data We build and maintain an open repository of web crawl data that can be accessed and analyzed by anyone.

CommonCrawl is this: commoncrawl.org - they have 17 of crawled data, and it is one of the sources LLMs use for training. I think it's a great source for building links between links.

1 year ago 4 0 1 0

Build a huge database for that and use it to suggest new links based on links you already discovered. I think that has big potential. In the beginning I was thinking of fine-tuning an LLM, but I think a DB should be enough.

1 year ago 1 0 1 0

Thanks, that means a lot to me. About statistical data: I have had a similar idea for a long time. I was thinking of reading all the URLs from all the crawls available in CommonCrawl and then building a database with relations between links. If /wp-login.php is found, you might try /wp-register.php or xmlrpc.php.

1 year ago 1 0 1 0
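An added example, not code from this thread or from the brainstorm project, of the idea in the two replies above: build a database of which URL paths occur together across crawled hosts, then suggest not-yet-observed paths for a target from the ones already seen on it. The crawl sample is constructed inline (hypothetical hosts); `SAMPLE_CRAWL`, `PathCooccurrence`, `build_index` and the `min_confidence`/`min_support` thresholds are my names, and the scoring is a plain co-occurrence estimate (confidence = hosts with both paths / hosts with the known path), not whatever brainstorm or any CommonCrawl tooling does. The `min_support` cut-off is the lever against the noise a large crawl produces: a pair seen on a single host is dropped before it can reach the ranking.

```python
from collections import Counter, defaultdict
from itertools import combinations
from urllib.parse import urlparse

# Constructed sample of crawl URLs on hypothetical hosts; a real run would
# stream the URL lists of a CommonCrawl index instead.
SAMPLE_CRAWL = [
    "https://a.example/wp-login.php",
    "https://a.example/wp-register.php",
    "https://a.example/xmlrpc.php",
    "https://a.example/blog/",
    "https://b.example/wp-login.php",
    "https://b.example/xmlrpc.php",
    "https://b.example/wp-admin/",
    "https://c.example/wp-login.php",
    "https://c.example/wp-register.php",
    "https://c.example/wp-admin/",
    "https://d.example/login",
    "https://d.example/api/v1/",
    "https://d.example/graphql",
    "ftp://e.example/ignored",              # non-HTTP scheme: skipped
    "https://a.example/wp-login.php?x=1",   # query dropped: same path as above
]


def paths_by_host(urls):
    """Group URL paths by host, ignoring scheme and query; skip non-HTTP(S) URLs."""
    hosts = defaultdict(set)
    for url in urls:
        parts = urlparse(url)
        if parts.scheme not in ("http", "https") or not parts.netloc:
            continue
        hosts[parts.netloc.lower()].add(parts.path or "/")
    return hosts


class PathCooccurrence:
    """Per path: how many hosts expose it. Per unordered path pair: how many
    hosts expose both. Suggestions are ranked by
    confidence = hosts(known and candidate) / hosts(known)."""

    def __init__(self):
        self.path_hosts = Counter()   # path -> number of hosts exposing it
        self.pair_hosts = Counter()   # sorted (path_a, path_b) -> hosts exposing both

    def fit(self, hosts):
        for paths in hosts.values():
            self.path_hosts.update(paths)
            self.pair_hosts.update(combinations(sorted(paths), 2))
        return self

    def suggest(self, observed, min_confidence=0.5, min_support=1, limit=10):
        """Rank paths not yet observed on a target by the best confidence any
        observed path gives them. Pairs seen on fewer than min_support hosts
        are ignored, which is what keeps one-off crawl noise out of the list."""
        observed = set(observed)
        scores = {}
        for candidate in self.path_hosts:
            if candidate in observed:
                continue
            best = 0.0
            for known in observed:
                support = self.pair_hosts[tuple(sorted((known, candidate)))]
                if support == 0 or support < min_support:
                    continue          # also guards the division for unknown paths
                best = max(best, support / self.path_hosts[known])
            if best >= min_confidence:
                scores[candidate] = best
        # Highest confidence first; ties broken by path for a stable order.
        return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))[:limit]


def build_index(urls=SAMPLE_CRAWL):
    """Build the co-occurrence index from a list of crawl URLs."""
    return PathCooccurrence().fit(paths_by_host(urls))


if __name__ == "__main__":
    index = build_index()
    # Paths worth checking once /wp-login.php has been observed on a host.
    for path, conf in index.suggest(["/wp-login.php"]):
        print(f"{conf:.2f}  {path}")
```

On the sample, `/wp-login.php` alone yields `/wp-admin/`, `/wp-register.php` and `/xmlrpc.php` at confidence 2/3 and drops `/blog/` (seen together on one host only); adding `/wp-register.php` to the observed set lifts `/blog/` to 0.5. On a real crawl the index should be persisted (the "DB" the replies mention) rather than rebuilt per target, and `min_support` raised well above 1.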
Brainstorm Tool Release: Optimizing Web Fuzzing With Local LLMs Brainstorm is a new, smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery

I wrote an article about the ideas behind this tool: www.invicti.com/blog/securit...

The tool: github.com/Invicti-Secu...

1 year ago 5 0 0 0

I've released 'brainstorm': an alternative way to do web fuzzing combining my fav fuzzing tool 'ffuf' (from @joohoi.bsky.social) with local LLMs (via Ollama API) to generate smarter filename tests. It usually finds more endpoints with fewer requests. Added IIS shortname support @irsdl.bsky.social

1 year ago 39 9 5 0

Cursor, the top performing #AI IDE, launched version 0.43 today with support for 🥁… Agents!

Composer can now “pick its own context, use terminal, and complete entire tasks”

give it a whirl: www.cursor.com

1 year ago 5 3 2 0