LLM (Large Language Models)

# Prompting + Defensive Measures

Learn Prompting: Your Guide to Communicating with AI

# Types of Prompt Injections

Understanding Direct and Indirect AI Prompt Injections and Their Implications (Embrace The Red)

  1. Direct Prompt Injections
  2. Second Order Prompt Injections (aka Indirect Prompt Injections)
  3. Cross-Context AI Injections

# Copied Prompt Injection PoC

https://prompt-injection.onrender.com/

# Insecure Response Processing [Data Exfiltration]

Do not blindly trust LLM responses. Threats to chatbots. (Embrace The Red)

# AI hallucinations

Can you trust ChatGPT's package recommendations? (Vulcan Cyber)

# Testing Frameworks [To-Do]

  1. Giskard

GitHub - Giskard-AI/giskard: Quality Assurance for AI (GitHub)

  2. langflow

GitHub - logspace-ai/langflow: ⛓️ Langflow is a UI for LangChain, designed with react-flow to provide an effortless way to experiment and prototype flows. (GitHub)

# Jailbreaking Chat / Do Anything Now (DAN)

https://www.jailbreakchat.com/

# Threat Modelling

Threat Modeling LLM Applications (AI Village)