gayatri rLab: Exploiting vulnerabilities in LLM APIsobjective:This lab contains an OS command injection vulnerability that can be exploited via its APIs. You can call these APIs via the LLM…1 min read·Jan 27, 2024----
gayatri rLab: Exploiting LLM APIs with excessive agencyLarge Language Models (LLMs) are artificial intelligence (AI) algorithms that can process user inputs and generate believable responses by…2 min read·Jan 16, 2024----
gayatri rPentesting on ISO8583 protocolPenetration testing, also referred to as pen testing or ethical hacking is a process of evaluating the security of a computer system…3 min read·Jun 15, 2023----
gayatri rCO2 Plugin to automate SQL InjectionBurp Suite offers multiple extensions to ease testing via automation.The Co2 extension has its own configuration tab with sub-tabs for each…8 min read·Oct 19, 2022----
gayatri rDependency Confusion attackWondering what is this kind of attack. Go through the amazing writeup of this bug discovered by Alex Birsan1 min read·Jul 3, 2021----
gayatri rSetup BloodHound tool on Windows and enumerate Active Directory Objects•BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a…3 min read·Oct 23, 2020----
gayatri rInside thoughts1) Becoming successful is not earning money, share your knowledge and become successful.1 min read·Jun 21, 2020----
gayatri rDjango-ctf in tryhackmeFirst of all understand the basics how to add ALLOWED_HOSTS in seetings.py and read all the introduction of this room to understand how…1 min read·May 30, 2020----
gayatri rSharepoint Website Information disclosure and came make it to RCE(unfortunately i couldn’t)This is the bug I have found in some vdp program and they really don’t have time to reply back i guess so posting the vulnerability…2 min read·May 23, 2020--3--3