Available now! Telegram Research 2025 — the year's key insights 
Bug bounty Tips
Open in Telegram
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
Show more5 834
Subscribers
+924 hours
+687 days
+38330 days
Posts Archive
5 836
🌍 Web LLM Attacks.
• What are LLMs?
• Interactive Interfaces and Use Cases;
• Security Considerations;
• Protecting Against LLM Attacks;
• Exploiting LLM APIs with excessive agency;
• Exploiting vulnerabilities in LLM APIs;
• Indirect prompt injection;
• Exploiting insecure output handling in LLMs;
• LLM Zero-Shot Learning Attacks;
• LLM Homographic Attacks;
• LLM Model Poisoning with Code Injection;
• Chained Prompt Injection;
• Conclusion;
• References;
• Security Researchers.
#web #LLM
5 836
Hands-On AWS Penetration Testing with Kali Linux
This book aims to help pentesters as well as seasoned system administrators with a hands-on approach to pentesting the various cloud services provided by Amazon through AWS using Kali Linux.
The book covers a large variety of AWS services that are often overlooked during a pentest — from serverless infrastructure to automated deployment pipelines.
Облачные лабы тут: https://t.me/cybred/504
5 836
Для тех, кто в танке.
Что такое Shodan и с чем его едят.
Руководство пользователя на русском.
5 836
CVE-2024-22120: Time Based SQL Injection in Zabbix Server Audit Log
Affected and fixed version/s: * 6.0.0 - 6.0.27 / 6.0.28rc1 * 6.4.0 - 6.4.12 / 6.4.13rc1 * 7.0.0alpha1 - 7.0.0beta1 / 7.0.0beta2
Allows to dump any values from database. As an example of exploit above allows privilege escalation from user to admin. In some cases, SQL injection leads to RCE.PoC: https://support.zabbix.com/secure/attachment/236280/236280_zabbix_server_time_based_blind_sqli.py #exploit #pentest
