Why MCP Is the Shadow IT of AI
Every team is wiring agents to MCP servers with the same casual trust they once showed Dropbox installs. The attackers have already noticed.
Field notes, attack research, and analysis from the frontier of AI security.
Claude Code is the best AI tool I've found for offensive security, but these concepts work with Gemini and other powerful AI agents too. Here's how to build your first AI red team skill and why it changes everything about how you operate.
A manual recon of an AI application takes 2-4 hours. With Claude Code and kali-mcp, it takes 12 minutes. Here's the exact workflow with working skills you can copy.
Most AI security tools test for prompt injection with a list of 50 known payloads. That's a scanner, not a pentester. Here's how to build an AI that actually thinks like an attacker.
Your company's AI chatbot trusts its vector database like gospel. I can change what it believes with a single document. Here's how RAG attacks work and how to test for them.
A jailbroken chatbot says something embarrassing. A jailbroken AI agent with database access and API keys does something catastrophic. Here's how to test agent security before an attacker does.
One AI agent found the vulnerability. A second built the exploit. A third exfiltrated the data. The whole operation took 4 minutes. Here's how to run coordinated AI red team operations.
The hardest part of any pentest isn't finding the vulnerabilities. It's explaining them to someone who doesn't know what a prompt injection is. Here's how AI generates better reports than most consultants.