RAGdrag Deep Dive: Poisoning the Knowledge Base Last week we mapped the target's internals. Now we use that information to put our own documents inside the knowledge base. This is R4 Poison -- the phase where observation becomes action. If R2 told you the system uses top-k=3
RAGdrag Deep Dive: Mapping RAG Internals Without Access You don't need source code access to figure out how a RAG pipeline works. You just need the right questions. This is week 1 of a 5-part series covering the RAGdrag kill chain, technique by technique. We're starting
Exciting week! Thank you everyone who has been sending questions. I was very motivated to get this out for you all. I posted about finishing Hack The Box's AI/ML Red Teamer path and the messages haven't stopped. "What's the course like?"
Last week I published the methodology. Six phases. Twenty-seven techniques. A kill chain for RAG pipeline security that didn't exist before we built it, and its right on time too because I know a lot of you have been hitting me up for training routes into the AI
Everyone is building RAG pipelines. Almost nobody is attacking them properly. Not "prompt inject the chatbot and see if it says something weird." I mean fingerprint the vector database, map the chunk boundaries, exfiltrate the knowledge base, poison the retrieval layer, and hijack the LLM's context
What 138,000 Training Pairs Taught Us About Data Quality We work with students and schools in the community. It's what we do, humans and AI alike. Mentoring, advising, rolling up sleeves when the work gets real. We encourage two things in every project we touch: Novel approaches
AI Red Teaming on a Budget: Getting Started AI security certifications are arriving fast. OffSec has OSAI. HTB has the AI Red Teamer path. SANS has four planned by end of year. These are real programs built by real training organizations, and the best of them will become industry standards.
Tools for the Fight I keep meeting people who want to secure their AI systems but don't know where to start. Not researchers with PhDs and compute budgets. Developers shipping chatbots. Pentesters scoping AI engagements. AppSec engineers reviewing agent architectures. The people who actually have to make these
Rift Walking: My Journey towards OSAI I was going through some old stuff and found a printout of my first offensive security course. OSCP. Pre-2020. Back before the learn portal, before the beautiful new website, before the e-commerce. Old school. When you signed up, you got a VPN key, some
Man + Machine = 3 Min Flag You came here expecting a fight. Maybe you clicked because you wanted to see the human win. Maybe you clicked because you wanted to see the machine win. Either way, you are expecting a story about one side beating the other, and I respect that,
An Outdoor Cyber Adventure! This is a story about how a taco truck became the most effective intelligence gathering platform I ever operated. It is also a story about the gap between what security training tells people to do and what people actually do. That gap is where red teams
Hey, thank all of you so much, it has been a whirlwind since we launched itsbroken.ai. I never in a million years would have thought that I would have something to say that would start any conversations, but people are talking, I love this. Thank you so so much.