Red Teaming · 46 articles

Red Teaming

AD exploitation, lateral movement, persistence, defense evasion — MITRE ATT&CK aligned playbooks.

Red Teaming

Defending LLM Applications: The 6-Layer Stack

Layered defence for production LLM applications — input filter, prompt hardening, output filter, tool/agent constraints, rate limiting, monitoring. Architectural bounding via capability…

Apr 25, 2026 · 2 min read
Red Teaming

LLM Red-Teaming Methodology in 2026

LLM red-team workflow — OWASP LLM Top 10, scoping, direct prompt injection, indirect injection, sensitive info disclosure, excessive agency, DoS. Tools: PyRIT,…

Apr 25, 2026 · 3 min read
Red Teaming

Prompt Injection: Direct vs Indirect Attacks

Prompt injection variants — direct (user jailbreaks), indirect (malicious instructions in processed content). Real attack examples, encoding bypasses, multi-turn manipulation, RAG-based injection.…

Apr 25, 2026 · 3 min read
Red Teaming

AI Agent Security: Securing Autonomous LLM Systems

AI agent attack surface — prompt injection via tool inputs (RCE-equivalent), tool chaining for escalation, excessive permissions, state-persistence attacks. Capability separation +…

Apr 25, 2026 · 3 min read
Red Teaming

CitrixBleed (CVE-2023-4966): Why Patching Wasn’t Enough

CitrixBleed leaked active session tokens that survived patching — post-patch session hijacking persisted for weeks. The bug, IoCs, the required session-termination playbook,…

Apr 25, 2026 · 3 min read
Red Teaming

Ivanti Connect Secure 2024 CVEs: Mass Exploitation and Lessons

CVE-2023-46805 + CVE-2024-21887 chained for unauthenticated RCE on Ivanti VPN. Mass-exploited within hours by nation-state and ransomware actors. IoCs, the 7-step IR…

Apr 25, 2026 · 3 min read
Red Teaming

Fortinet FortiGate CVEs: The Edge-Device Attack Surface Pattern

Fortinet's recent CVE history (2022-40684, XORtigate, 2024-21762, FortiManager 23113 / 47575) shows the structural risk of edge devices. IoCs, mitigation pattern, and…

Apr 25, 2026 · 2 min read
Red Teaming

OSINT Methodology for Pentesters: The 2026 Toolchain

Practitioner OSINT methodology — subdomain enumeration with subfinder/amass, live discovery with httpx, vulnerability scanning with nuclei, people enumeration with theHarvester, GitHub secrets…

Apr 25, 2026 · 3 min read
Red Teaming

Subdomain Enumeration Deep-Dive: Beyond subfinder

Senior subdomain enumeration — passive sources (CT logs, DNS aggregators), active brute-force with smart wordlists, JS-file analysis, cloud-asset patterns, subdomain takeover hunting.…

Apr 25, 2026 · 3 min read
Red Teaming

Sock Puppet Accounts for OSINT Investigations: OPSEC and Ethics

Operational sock puppet accounts for OSINT — the OPSEC stack (browser profile, VPN, email, phone, fingerprint), believable persona building, attribution mistakes, legal/ethical…

Apr 25, 2026 · 4 min read