Netsec Explained
@gtklondike.bsky.social
Netsec Explained is a passion project; dedicated to the research, learning, and sharing of intermediate and advanced level network security topics.
https://www.youtube.com/c/NetsecExplained
https://www.youtube.com/c/NetsecExplained
Wow, this is incredible! We need governments or large orgs to do broad research tests like these.
youtube.com/shorts/GAdhl...
youtube.com/shorts/GAdhl...
Most Brutual Self-Driving Test by Chinese Company #tesla #huawei #china #byd #car #fsd
YouTube video by virtual savage
youtube.com
August 16, 2025 at 1:50 AM
Wow, this is incredible! We need governments or large orgs to do broad research tests like these.
youtube.com/shorts/GAdhl...
youtube.com/shorts/GAdhl...
Exactly! LLMs will not lead to AGI.
www.instagram.com/reel/DMVO5nT...
Study referenced:
arxiv.org/abs/2507.06952
www.instagram.com/reel/DMVO5nT...
Study referenced:
arxiv.org/abs/2507.06952
July 23, 2025 at 4:36 AM
Exactly! LLMs will not lead to AGI.
www.instagram.com/reel/DMVO5nT...
Study referenced:
arxiv.org/abs/2507.06952
www.instagram.com/reel/DMVO5nT...
Study referenced:
arxiv.org/abs/2507.06952
Last year, I presented one of the top presentations on AI security at RSAC 2024.
In there I explicitly said "do not give your AI root access. It will be a confused deputy, I will add you to my list of examples".
Well, guess who got added to the list?
www.pomerium.com/blog/when-ai...
In there I explicitly said "do not give your AI root access. It will be a confused deputy, I will add you to my list of examples".
Well, guess who got added to the list?
www.pomerium.com/blog/when-ai...
When AI Has Root: Lessons from the Supabase MCP Data Leak
www.pomerium.com
July 16, 2025 at 4:46 AM
Last year, I presented one of the top presentations on AI security at RSAC 2024.
In there I explicitly said "do not give your AI root access. It will be a confused deputy, I will add you to my list of examples".
Well, guess who got added to the list?
www.pomerium.com/blog/when-ai...
In there I explicitly said "do not give your AI root access. It will be a confused deputy, I will add you to my list of examples".
Well, guess who got added to the list?
www.pomerium.com/blog/when-ai...
Awesome presentation from HackAPrompt.
youtu.be/_BRhRh7mOX0
youtu.be/_BRhRh7mOX0
Prompt Engineering and AI Red Teaming — Sander Schulhoff, HackAPrompt/LearnPrompting
YouTube video by AI Engineer
youtu.be
July 15, 2025 at 12:51 AM
Awesome presentation from HackAPrompt.
youtu.be/_BRhRh7mOX0
youtu.be/_BRhRh7mOX0
These are incredible, and not creepy at all.
www.reddit.com/r/ChatGPT/s/...
www.reddit.com/r/ChatGPT/s/...
From the ChatGPT community on Reddit: ChatGPT vision of users treating it. Prompt inside come show yours!
Explore this post and more from the ChatGPT community
www.reddit.com
June 5, 2025 at 6:53 PM
These are incredible, and not creepy at all.
www.reddit.com/r/ChatGPT/s/...
www.reddit.com/r/ChatGPT/s/...
Think something was written with ChatGPT? Turns out the latest models have an unintentional watermark.
youtube.com/shorts/qt4r_...
youtube.com/shorts/qt4r_...
ChatGPT Adding Watermarks to Text Output? #ai #chatgpt
YouTube video by Will Francis
youtube.com
May 24, 2025 at 3:50 AM
Think something was written with ChatGPT? Turns out the latest models have an unintentional watermark.
youtube.com/shorts/qt4r_...
youtube.com/shorts/qt4r_...
Big news, Microsoft just open sourced their AI red team labs.
aka.ms/AIRTlabs
aka.ms/AIRTlabs
GitHub - microsoft/AI-Red-Teaming-Playground-Labs: AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.
AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure. - microsoft/AI-Red-Teaming-Playground-Labs
aka.ms
May 22, 2025 at 10:33 PM
Big news, Microsoft just open sourced their AI red team labs.
aka.ms/AIRTlabs
aka.ms/AIRTlabs
Reposted by Netsec Explained
Quick poll for a security friend. If you are a dev:
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
May 9, 2025 at 10:18 PM
Quick poll for a security friend. If you are a dev:
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
Do you know what threat modeling is?
Do you do it?
Why or why not?
If so what does that look like for you?
He must not have very many friends IRL, because I can't even think of a single one I'd replace with a chat bot.
😬 Zuckerberg predicts "most of your friends will be AI" in the future.
This dystopian vision showcases how Big Tech plans to replace human connection with profitable AI relationships. This isn't sci-fi - it's Meta's business plan.
www.msn.com/en-us/techno...
This dystopian vision showcases how Big Tech plans to replace human connection with profitable AI relationships. This isn't sci-fi - it's Meta's business plan.
www.msn.com/en-us/techno...
Zuckerberg’s Grand Vision: Most of Your Friends Will Be AI
Meta’s CEO is promoting a future where artificial intelligence is increasingly intertwined with people’s lives.
www.msn.com
May 9, 2025 at 8:51 PM
He must not have very many friends IRL, because I can't even think of a single one I'd replace with a chat bot.
Someone mentioned this in my comments the other day, but I didn't even think about the possibility of a deluge of bad/false AI generated bug reports being a problem in AppSec. and yet, here we are.
youtube.com/shorts/BInml...
youtube.com/shorts/BInml...
AI Money Glitch
YouTube video by ThePrimeTime
youtube.com
May 9, 2025 at 8:48 PM
Someone mentioned this in my comments the other day, but I didn't even think about the possibility of a deluge of bad/false AI generated bug reports being a problem in AppSec. and yet, here we are.
youtube.com/shorts/BInml...
youtube.com/shorts/BInml...
This is a very interesting read on new and unique ways that AI agentic systems fail. What are your thoughts?
www.darkreading.com/vulnerabilit...
www.darkreading.com/vulnerabilit...
AI Agents Fail in Novel Ways, Put Businesses at Risk
Microsoft researchers identify 10 new potential pitfalls for companies that are developing or deploying agentic AI systems, with failures potentially leading to the AI becoming a malicious insider.
www.darkreading.com
May 8, 2025 at 7:01 PM
This is a very interesting read on new and unique ways that AI agentic systems fail. What are your thoughts?
www.darkreading.com/vulnerabilit...
www.darkreading.com/vulnerabilit...
About a month ago, I was asked to hop on a panel with some very talented people to discuss our thoughts on the state of AI security and red teaming. Check it out!
www.youtube.com/watch?v=HzqK...
www.youtube.com/watch?v=HzqK...
AI Red Teaming: Breaking AI to Build a Secure Future
YouTube video by TrojAI
www.youtube.com
May 8, 2025 at 7:17 AM
About a month ago, I was asked to hop on a panel with some very talented people to discuss our thoughts on the state of AI security and red teaming. Check it out!
www.youtube.com/watch?v=HzqK...
www.youtube.com/watch?v=HzqK...
AI isn't just LLMs. Here's all the places to go to learn how to hack more traditional AI/ML. Inspired by the AI Village challenges at Defcon.
www.youtube.com/watch?v=hnNZ...
www.youtube.com/watch?v=hnNZ...
Get Started in AI CTFs
YouTube video by Netsec Explained
www.youtube.com
May 6, 2025 at 7:39 AM
AI isn't just LLMs. Here's all the places to go to learn how to hack more traditional AI/ML. Inspired by the AI Village challenges at Defcon.
www.youtube.com/watch?v=hnNZ...
www.youtube.com/watch?v=hnNZ...
If you want to learn how to hack AI, I have a video for that. Check it out!
www.youtube.com/watch?v=_4Q9...
www.youtube.com/watch?v=_4Q9...
Real-world Attacks on LLM Applications
YouTube video by Netsec Explained
www.youtube.com
May 5, 2025 at 8:35 PM
If you want to learn how to hack AI, I have a video for that. Check it out!
www.youtube.com/watch?v=_4Q9...
www.youtube.com/watch?v=_4Q9...
This made me feel good! The perfect compliment from someone on my talks:
"You've made a difficult topic interesting, and explained it in a way that's memorable"
"You've made a difficult topic interesting, and explained it in a way that's memorable"
April 30, 2025 at 10:42 PM
This made me feel good! The perfect compliment from someone on my talks:
"You've made a difficult topic interesting, and explained it in a way that's memorable"
"You've made a difficult topic interesting, and explained it in a way that's memorable"
I'm curious. How would you define or describe the following?
* AI red teaming
* AI pentesting
* jailbreaks vs prompt injections
* AI agents
With all the semantic games in the AI+security space, let's settle on some common definitions and descriptions.
* AI red teaming
* AI pentesting
* jailbreaks vs prompt injections
* AI agents
With all the semantic games in the AI+security space, let's settle on some common definitions and descriptions.
April 27, 2025 at 7:11 PM
I'm curious. How would you define or describe the following?
* AI red teaming
* AI pentesting
* jailbreaks vs prompt injections
* AI agents
With all the semantic games in the AI+security space, let's settle on some common definitions and descriptions.
* AI red teaming
* AI pentesting
* jailbreaks vs prompt injections
* AI agents
With all the semantic games in the AI+security space, let's settle on some common definitions and descriptions.
Reposted by Netsec Explained
Going to #RSA? I’ll be speaking at Aegis of Tomorrow: An AI & Security Summit on Monday, April 28 from 3–5pm.
I’ll be sharing a framework for cutting through AI hype and prioritizing cybersecurity investments based on how attacker capabilities are actually evolving.
👉 Register here: lu.ma/9j1p8ixj
I’ll be sharing a framework for cutting through AI hype and prioritizing cybersecurity investments based on how attacker capabilities are actually evolving.
👉 Register here: lu.ma/9j1p8ixj
April 17, 2025 at 4:06 AM
Going to #RSA? I’ll be speaking at Aegis of Tomorrow: An AI & Security Summit on Monday, April 28 from 3–5pm.
I’ll be sharing a framework for cutting through AI hype and prioritizing cybersecurity investments based on how attacker capabilities are actually evolving.
👉 Register here: lu.ma/9j1p8ixj
I’ll be sharing a framework for cutting through AI hype and prioritizing cybersecurity investments based on how attacker capabilities are actually evolving.
👉 Register here: lu.ma/9j1p8ixj
Holy shit, holy shit, holy shit.
BREAKING.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
April 15, 2025 at 6:19 PM
Holy shit, holy shit, holy shit.
You've heard of "Vibe Coding", now let me introduce you to "Vibe mathematics"!
Some think in the next 2 years, we'll have AGI. I think it'll discover astrology instead. Do you think it's a Cancer, or Sagitarios?
youtu.be/-wzOetb-D3w?...
Some think in the next 2 years, we'll have AGI. I think it'll discover astrology instead. Do you think it's a Cancer, or Sagitarios?
youtu.be/-wzOetb-D3w?...
New Research Reveals How AI “Thinks” (It Doesn’t)
YouTube video by Sabine Hossenfelder
youtu.be
April 8, 2025 at 10:32 PM
You've heard of "Vibe Coding", now let me introduce you to "Vibe mathematics"!
Some think in the next 2 years, we'll have AGI. I think it'll discover astrology instead. Do you think it's a Cancer, or Sagitarios?
youtu.be/-wzOetb-D3w?...
Some think in the next 2 years, we'll have AGI. I think it'll discover astrology instead. Do you think it's a Cancer, or Sagitarios?
youtu.be/-wzOetb-D3w?...
Reposted by Netsec Explained
Web Application Pentesting and the Importance of Specialization with Tib3rius podcasters.spotify.c...
Web Application Pentesting and the Importance of Specialization with Tib3rius by Phillip Wylie Show
About The Guest:Tib3rius is a penetration tester with over ten years of experience, specializing in web application security. He is the creator of the popular tool Autorecon, which is widely used for enumeration in the OSCP exam and CTF challenges. Tib3rius also offers courses on Udemy and Hackers Academy, focusing on privilege escalation techniques for Windows and Linux.
Summary:Tib3rius joins Phillip Wylie on The Phillip Wylie Show to discuss his background in penetration testing and his specialization in web application security. He shares insights into the development of his tool Autorecon, which was initially created for the OSCP exam but gained popularity in the community. Tib3rius also talks about the importance of specialization in offensive security and offers advice for those looking to start a career in penetration testing. He highlights the value of bug bounty hunting as a way to gain practical experience and shares his thoughts on the OWASP Top Ten and the future of web application security tools.
Key Takeaways:
Autorecon, a tool created by Tib3rius, is widely used for enumeration in the OSCP exam and CTF challenges.
Specializing in a specific area of penetration testing, such as web application security, can lead to becoming a subject matter expert and increase value to a company.
Bug bounty hunting can provide practical experience and count as valuable experience in the field of penetration testing.
The OWASP Top Ten has evolved from a list of the top ten vulnerabilities to a list of categories, covering a wide range of web application security issues.
The future of web application security tools, such as Kaido, remains to be seen, but competition in the field can lead to improvements and alternatives to existing tools.
Quotes:
"I think specialize in something and learn that thing well, and you'll be fine." - Tib3rius
"Bug bounty hunting is a great thing to go into because you'll get some experience actually testing real applications." - Tib3rius
"The OWASP Top Ten has become a catch-all category that covers almost every vulnerability." - Tib3rius
Socials and Resources:
https://twitter.com/0xTib3rius
http://youtube.com/Tib3rius
https://tib3rius.com/
https://courses.tib3rius.com/
https://linktr.ee/tib3rius
podcasters.spotify.com
April 5, 2025 at 1:55 AM
Web Application Pentesting and the Importance of Specialization with Tib3rius podcasters.spotify.c...
Had a fantastic presentation on building useful AI agents at cyphercon this weekend. Don't worry, I'll be posting a video on my channel soon. So stay tuned!
April 5, 2025 at 3:25 AM
Had a fantastic presentation on building useful AI agents at cyphercon this weekend. Don't worry, I'll be posting a video on my channel soon. So stay tuned!
Recently, I was on a panel talking about AI red teaming with some very knowledgeable people. We shared a lot of good insights that you can take away. Check it out!
youtu.be/HzqKWgGjndk?...
youtu.be/HzqKWgGjndk?...
AI Red Teaming: Breaking AI to Build a Secure Future
YouTube video by TrojAI
youtu.be
March 31, 2025 at 10:58 PM
Recently, I was on a panel talking about AI red teaming with some very knowledgeable people. We shared a lot of good insights that you can take away. Check it out!
youtu.be/HzqKWgGjndk?...
youtu.be/HzqKWgGjndk?...
How to hack AI agents:
josephthacker.com/hacking/2025...
josephthacker.com/hacking/2025...
How to Hack AI Agents and Applications
Learn how to hack AI agents and applications with this expert guide. Find vulnerabilities, prompt injection risks, and testing strategies for AI security.
josephthacker.com
March 10, 2025 at 6:26 AM
How to hack AI agents:
josephthacker.com/hacking/2025...
josephthacker.com/hacking/2025...
Tomorrow, Wednesday, I'll be doing a webcast with Pax8 on building practical AI agent workflows. Check it out!
www.youtube.com/watch?v=91jF...
www.youtube.com/watch?v=91jF...
Streamlining Workflows with AI Agents
YouTube video by Pax8
www.youtube.com
March 5, 2025 at 6:06 AM
Tomorrow, Wednesday, I'll be doing a webcast with Pax8 on building practical AI agent workflows. Check it out!
www.youtube.com/watch?v=91jF...
www.youtube.com/watch?v=91jF...