Customer-Support AI with Per-Customer Isolation Reference Architecture

Reference architecture — Customer-support AI with per-customer isolation. This document sketches a secure, production-ready reference architecture for giving an LLM-based support assistant access to customer data while ensuring strict per-customer isolation and auditability. High-level goals: Least privilege: AI can only...

AppSec with Jenkins

AppSec with Jenkins. Forked OWASP’s Vulnerable-Web-Application for this exercise. The plan is to have security tools run in Jenkins every time we have a new build from the project. Our security team will track diffs of the security tooling output...

Automation Tools Detected

A worthy adversary. While using Automation Tools today, a website had the audacity to tell me they suspected me of using Automation Tools! A couple hours later I have gained the website’s trust and am browsing automatically without hassle. I’m...

OWASP Top 10 demo

Goal: Using any resource available online, build a web server and provide evidence of a vulnerability or penetration test for any of the OWASP 10 vulnerabilities.

Mr Robot 1

This is a walk-through of CTF challenge Mr-Robot: 1. I downloaded the target VM image from vulhub and booted it in VMware. My source machine is a Kali Linux image, also running on VMware. All my engagements start with netdiscover,...