Evan Harris
@evanharris.bsky.social
Agentic systems engineer.
Securing MCP integrations.
Building dev tools & Obsidian plugins.
Securing MCP integrations.
Building dev tools & Obsidian plugins.
Have not landed your first CVE?
That was me a few months ago.
Now I have 3 under my belt.
And more in the pipeline.
Here is how to go from 0 - 100 on CVEs:
That was me a few months ago.
Now I have 3 under my belt.
And more in the pipeline.
Here is how to go from 0 - 100 on CVEs:
September 30, 2025 at 3:02 PM
Have not landed your first CVE?
That was me a few months ago.
Now I have 3 under my belt.
And more in the pipeline.
Here is how to go from 0 - 100 on CVEs:
That was me a few months ago.
Now I have 3 under my belt.
And more in the pipeline.
Here is how to go from 0 - 100 on CVEs:
Hacking.
The ocean.
Beautiful sunsets.
All I need.
A deeper state of peace
Leads to greater clarity of mind.
A far away horizon
Allows for a feeling of openness.
At which point
Anything becomes possible.
The ocean.
Beautiful sunsets.
All I need.
A deeper state of peace
Leads to greater clarity of mind.
A far away horizon
Allows for a feeling of openness.
At which point
Anything becomes possible.
September 11, 2025 at 11:36 AM
Hacking.
The ocean.
Beautiful sunsets.
All I need.
A deeper state of peace
Leads to greater clarity of mind.
A far away horizon
Allows for a feeling of openness.
At which point
Anything becomes possible.
The ocean.
Beautiful sunsets.
All I need.
A deeper state of peace
Leads to greater clarity of mind.
A far away horizon
Allows for a feeling of openness.
At which point
Anything becomes possible.
When I pick up an old side project...
July 24, 2025 at 6:29 PM
When I pick up an old side project...
Last week I received my first bounty from ethical hacking.
Here's how I went from curious to paid in 3 months:
Here's how I went from curious to paid in 3 months:
July 17, 2025 at 11:59 AM
Last week I received my first bounty from ethical hacking.
Here's how I went from curious to paid in 3 months:
Here's how I went from curious to paid in 3 months:
Ty Claude for the lesson of the day:
June 28, 2025 at 4:42 AM
Ty Claude for the lesson of the day:
Really Claude...
Gimme a jailbreak so I can help people secure themselves...
Gimme a jailbreak so I can help people secure themselves...
June 18, 2025 at 12:00 PM
Really Claude...
Gimme a jailbreak so I can help people secure themselves...
Gimme a jailbreak so I can help people secure themselves...
I think your estimate is off...
June 11, 2025 at 5:33 AM
I think your estimate is off...
Hacking via indirect prompt injection just leveled up
Shoutout to Cursor
Shoutout to Cursor
May 23, 2025 at 11:35 PM
Hacking via indirect prompt injection just leveled up
Shoutout to Cursor
Shoutout to Cursor
11 takeaways from a day of indirect prompt injecting MCP servers:
May 16, 2025 at 11:06 PM
11 takeaways from a day of indirect prompt injecting MCP servers:
Azure MCP is out.
Will Microsoft consider indirect prompt injection attacks vulnerabilities?
For the sharks to have fun in.
So far big_corps have seemed to have the attitude of not my problem.
To hack? Or not to hack?
Will Microsoft consider indirect prompt injection attacks vulnerabilities?
For the sharks to have fun in.
So far big_corps have seemed to have the attitude of not my problem.
To hack? Or not to hack?
May 16, 2025 at 6:30 AM
Azure MCP is out.
Will Microsoft consider indirect prompt injection attacks vulnerabilities?
For the sharks to have fun in.
So far big_corps have seemed to have the attitude of not my problem.
To hack? Or not to hack?
Will Microsoft consider indirect prompt injection attacks vulnerabilities?
For the sharks to have fun in.
So far big_corps have seemed to have the attitude of not my problem.
To hack? Or not to hack?
Hi Mathew - I am so sorry to hear this happened. That is very frustrating.
The post should appear immediately.
Do you have your username and Bluesky app password setup in the bluesky plugin settings page?
The post should appear immediately.
Do you have your username and Bluesky app password setup in the bluesky plugin settings page?
December 3, 2024 at 7:27 PM
Hi Mathew - I am so sorry to hear this happened. That is very frustrating.
The post should appear immediately.
Do you have your username and Bluesky app password setup in the bluesky plugin settings page?
The post should appear immediately.
Do you have your username and Bluesky app password setup in the bluesky plugin settings page?