mudpak
@mudpak.bsky.social
Reposted by mudpak
🤓 I have built an MCP for YARA rule creation and it works pretty great!
With DocYara MCP, you can:
– Generate YARA rules
– Validate and optimize them
– Deploy your rule directly to VirusTotal Livehunt
I did a full walkthrough on YouTube 👇
https://youtu.be/mQqGS2WyRwU?si=6OwaMQ6QXW4PMCwH
With DocYara MCP, you can:
– Generate YARA rules
– Validate and optimize them
– Deploy your rule directly to VirusTotal Livehunt
I did a full walkthrough on YouTube 👇
https://youtu.be/mQqGS2WyRwU?si=6OwaMQ6QXW4PMCwH
June 9, 2025 at 5:25 AM
🤓 I have built an MCP for YARA rule creation and it works pretty great!
With DocYara MCP, you can:
– Generate YARA rules
– Validate and optimize them
– Deploy your rule directly to VirusTotal Livehunt
I did a full walkthrough on YouTube 👇
https://youtu.be/mQqGS2WyRwU?si=6OwaMQ6QXW4PMCwH
With DocYara MCP, you can:
– Generate YARA rules
– Validate and optimize them
– Deploy your rule directly to VirusTotal Livehunt
I did a full walkthrough on YouTube 👇
https://youtu.be/mQqGS2WyRwU?si=6OwaMQ6QXW4PMCwH
Reposted by mudpak
I’m cooking a new MCP server for threat actor aliases! Bear with me 🤓
June 5, 2025 at 10:01 AM
I’m cooking a new MCP server for threat actor aliases! Bear with me 🤓
Reposted by mudpak
I made a quick walkthrough of the Threat Actor Alias Knowledge Graph. Check it out 👇
https://youtu.be/UVkTowFG1Yk?si=XxMidu04WLPiuKmM
https://youtu.be/UVkTowFG1Yk?si=XxMidu04WLPiuKmM
June 4, 2025 at 8:04 PM
I made a quick walkthrough of the Threat Actor Alias Knowledge Graph. Check it out 👇
https://youtu.be/UVkTowFG1Yk?si=XxMidu04WLPiuKmM
https://youtu.be/UVkTowFG1Yk?si=XxMidu04WLPiuKmM
Reposted by mudpak
🤓 Threat Actor Naming is getting easier! Well… that is my hope!
Microsoft and CrowdStrike announced a collaboration to cross-ref their threat actor naming conventions.
This means we finally have an official correlation between multiple names used across the industry for the same threat actors! […]
Microsoft and CrowdStrike announced a collaboration to cross-ref their threat actor naming conventions.
This means we finally have an official correlation between multiple names used across the industry for the same threat actors! […]
[Video] Original post on infosec.exchange
infosec.exchange
June 4, 2025 at 6:49 AM
🤓 Threat Actor Naming is getting easier! Well… that is my hope!
Microsoft and CrowdStrike announced a collaboration to cross-ref their threat actor naming conventions.
This means we finally have an official correlation between multiple names used across the industry for the same threat actors! […]
Microsoft and CrowdStrike announced a collaboration to cross-ref their threat actor naming conventions.
This means we finally have an official correlation between multiple names used across the industry for the same threat actors! […]
Reposted by mudpak
🤓 I made a short video to talk about AI Security frameworks. I cover the OWASP LLM Top Ten, the MITRE ATLAS Matrix, and Indicators of Prompt Compromise. Check it out this is brief!
https://youtu.be/AXnOkKcK2X8?si=yPKGJDTPYtnNpPJw
https://youtu.be/AXnOkKcK2X8?si=yPKGJDTPYtnNpPJw
June 3, 2025 at 6:16 AM
🤓 I made a short video to talk about AI Security frameworks. I cover the OWASP LLM Top Ten, the MITRE ATLAS Matrix, and Indicators of Prompt Compromise. Check it out this is brief!
https://youtu.be/AXnOkKcK2X8?si=yPKGJDTPYtnNpPJw
https://youtu.be/AXnOkKcK2X8?si=yPKGJDTPYtnNpPJw
Reposted by mudpak
🤓 RAG are powerful. They allow you to search your own knowledge base and extend your AI system with your own data.
A RAG injects relevant context into the context window tailored to your domain.
But most RAG setups are static. They require manual update, it is slow and impractical when your […]
A RAG injects relevant context into the context window tailored to your domain.
But most RAG setups are static. They require manual update, it is slow and impractical when your […]
[Video] Original post on infosec.exchange
infosec.exchange
June 2, 2025 at 5:18 AM
🤓 RAG are powerful. They allow you to search your own knowledge base and extend your AI system with your own data.
A RAG injects relevant context into the context window tailored to your domain.
But most RAG setups are static. They require manual update, it is slow and impractical when your […]
A RAG injects relevant context into the context window tailored to your domain.
But most RAG setups are static. They require manual update, it is slow and impractical when your […]
Reposted by mudpak
I recently updated my personal website. It is now cleaner and better organized than before. You can find my previous public presentations as well as my latest blogs and projects. Have a look! 🤓
👉 https://securitybreak.io
👉 https://securitybreak.io
Thomas Roccia - SecurityBreak.io | Threat Intelligence & Malware Analysis Expert
Thomas Roccia is a cybersecurity expert specializing in threat intelligence, malware analysis, and artificial intelligence. Building tools and delivering intelligence to push cybersecurity forward.
securitybreak.io
May 31, 2025 at 5:07 AM
I recently updated my personal website. It is now cleaner and better organized than before. You can find my previous public presentations as well as my latest blogs and projects. Have a look! 🤓
👉 https://securitybreak.io
👉 https://securitybreak.io
Reposted by mudpak
🤓 I will be teaching my training at BlackHat USA on Practical GenAI for CTI.
This is a heavy hands-on training where you will learn advanced techniques to build your own AI CTI arsenal for real-world use cases, not theory!
Check the quick overview of the modules 👇
1️⃣ - Intro & Setup
Get your […]
This is a heavy hands-on training where you will learn advanced techniques to build your own AI CTI arsenal for real-world use cases, not theory!
Check the quick overview of the modules 👇
1️⃣ - Intro & Setup
Get your […]
Original post on infosec.exchange
infosec.exchange
May 28, 2025 at 12:16 AM
🤓 I will be teaching my training at BlackHat USA on Practical GenAI for CTI.
This is a heavy hands-on training where you will learn advanced techniques to build your own AI CTI arsenal for real-world use cases, not theory!
Check the quick overview of the modules 👇
1️⃣ - Intro & Setup
Get your […]
This is a heavy hands-on training where you will learn advanced techniques to build your own AI CTI arsenal for real-world use cases, not theory!
Check the quick overview of the modules 👇
1️⃣ - Intro & Setup
Get your […]
Reposted by mudpak
🤓 I had a great time at AUSCERT with a packed room. I shared several concepts I recently introduced around AI and cybersecurity, real attacks, LLM TTPs, IoPC (Indicator of Prompt Compromise) and NOVA for adversarial prompt matching and detection!
May 23, 2025 at 4:29 AM
🤓 I had a great time at AUSCERT with a packed room. I shared several concepts I recently introduced around AI and cybersecurity, real attacks, LLM TTPs, IoPC (Indicator of Prompt Compromise) and NOVA for adversarial prompt matching and detection!
Reposted by mudpak
✨ Codex is an AI agent to help you code features, answer questions about your codebase, fix bugs, and propose pull requests.
I have been using the CLI version for a while now with solid results. Codex is pretty powerful and can answer deep questions about a […]
[Original post on infosec.exchange]
I have been using the CLI version for a while now with solid results. Codex is pretty powerful and can answer deep questions about a […]
[Original post on infosec.exchange]
May 19, 2025 at 4:16 AM
✨ Codex is an AI agent to help you code features, answer questions about your codebase, fix bugs, and propose pull requests.
I have been using the CLI version for a while now with solid results. Codex is pretty powerful and can answer deep questions about a […]
[Original post on infosec.exchange]
I have been using the CLI version for a while now with solid results. Codex is pretty powerful and can answer deep questions about a […]
[Original post on infosec.exchange]
Reposted by mudpak
🤓 A friend of mine shared me an article published today about a clever and interesting concept called LargeLanguageC2.
Let me break it down simply 👇
It is a steganographic Command & Control channel that hides commands inside natural language text.
Here’s […]
[Original post on infosec.exchange]
Let me break it down simply 👇
It is a steganographic Command & Control channel that hides commands inside natural language text.
Here’s […]
[Original post on infosec.exchange]
May 17, 2025 at 8:27 AM
🤓 A friend of mine shared me an article published today about a clever and interesting concept called LargeLanguageC2.
Let me break it down simply 👇
It is a steganographic Command & Control channel that hides commands inside natural language text.
Here’s […]
[Original post on infosec.exchange]
Let me break it down simply 👇
It is a steganographic Command & Control channel that hides commands inside natural language text.
Here’s […]
[Original post on infosec.exchange]
Reposted by mudpak
🤓 Over the past 3 years, I have been building and sharing real-world applications of AI for cybersecurity.
I just posted a blog with a recap of my public work and a few personal thoughts at the end. Take a look 👇
https://blog.securitybreak.io/inside-the-ai-x-security-arsenal-ive-built-0a77b6424918
I just posted a blog with a recap of my public work and a few personal thoughts at the end. Take a look 👇
https://blog.securitybreak.io/inside-the-ai-x-security-arsenal-ive-built-0a77b6424918
Inside the AI x Security Arsenal I’ve Built
A three-year log of 20+ AI tools for malware triage, CTI, RAG, MCP, NOVA, and more - complete notebooks and code included.
blog.securitybreak.io
May 15, 2025 at 7:13 AM
🤓 Over the past 3 years, I have been building and sharing real-world applications of AI for cybersecurity.
I just posted a blog with a recap of my public work and a few personal thoughts at the end. Take a look 👇
https://blog.securitybreak.io/inside-the-ai-x-security-arsenal-ive-built-0a77b6424918
I just posted a blog with a recap of my public work and a few personal thoughts at the end. Take a look 👇
https://blog.securitybreak.io/inside-the-ai-x-security-arsenal-ive-built-0a77b6424918
Reposted by mudpak
🤓 I wrote a quick script to scan an MCP endpoint and list all available tools. If the endpoint requires auth, just pass the token via command line.
Check this out 👇 https://gist.github.com/fr0gger/1731d89a02d08a1bc9a00982c02e2f44
Check this out 👇 https://gist.github.com/fr0gger/1731d89a02d08a1bc9a00982c02e2f44
May 12, 2025 at 5:08 AM
🤓 I wrote a quick script to scan an MCP endpoint and list all available tools. If the endpoint requires auth, just pass the token via command line.
Check this out 👇 https://gist.github.com/fr0gger/1731d89a02d08a1bc9a00982c02e2f44
Check this out 👇 https://gist.github.com/fr0gger/1731d89a02d08a1bc9a00982c02e2f44
Reposted by mudpak
👉 New report on malicious GenAI use, attackers crafting prompts to generate deepfakes of celebrities and civilians.
They manipulate models to produce explicit or fake images.
Every day, the concept of IoPC (Indicator of Prompt Compromise) becomes more relevant […]
They manipulate models to produce explicit or fake images.
Every day, the concept of IoPC (Indicator of Prompt Compromise) becomes more relevant […]
Original post on infosec.exchange
infosec.exchange
May 9, 2025 at 10:55 PM
👉 New report on malicious GenAI use, attackers crafting prompts to generate deepfakes of celebrities and civilians.
They manipulate models to produce explicit or fake images.
Every day, the concept of IoPC (Indicator of Prompt Compromise) becomes more relevant […]
They manipulate models to produce explicit or fake images.
Every day, the concept of IoPC (Indicator of Prompt Compromise) becomes more relevant […]
Reposted by mudpak
🤓 On May 22, I will be presenting at @auscert about the future of breaches in the context of AI!
I will talk about what a breach means in AI systems. I will also introduce several concepts I’ve been working on, such as Indicators of Prompt Compromise (IoPC) […]
[Original post on infosec.exchange]
I will talk about what a breach means in AI systems. I will also introduce several concepts I’ve been working on, such as Indicators of Prompt Compromise (IoPC) […]
[Original post on infosec.exchange]
May 7, 2025 at 5:20 AM
🤓 On May 22, I will be presenting at @auscert about the future of breaches in the context of AI!
I will talk about what a breach means in AI systems. I will also introduce several concepts I’ve been working on, such as Indicators of Prompt Compromise (IoPC) […]
[Original post on infosec.exchange]
I will talk about what a breach means in AI systems. I will also introduce several concepts I’ve been working on, such as Indicators of Prompt Compromise (IoPC) […]
[Original post on infosec.exchange]
Reposted by mudpak
🤔 If you are deploying an AI system for your organization, have you thought about securing it?
Have you considered how you will handle security, detecting malicious prompts, tracking suspicious patterns, blocking prompt injections?
I believe the concept of […]
[Original post on infosec.exchange]
Have you considered how you will handle security, detecting malicious prompts, tracking suspicious patterns, blocking prompt injections?
I believe the concept of […]
[Original post on infosec.exchange]
May 5, 2025 at 5:26 AM
🤔 If you are deploying an AI system for your organization, have you thought about securing it?
Have you considered how you will handle security, detecting malicious prompts, tracking suspicious patterns, blocking prompt injections?
I believe the concept of […]
[Original post on infosec.exchange]
Have you considered how you will handle security, detecting malicious prompts, tracking suspicious patterns, blocking prompt injections?
I believe the concept of […]
[Original post on infosec.exchange]
Reposted by mudpak
Meta released LlamaFirewall, a security layer built to protect LLM applications.
It uses 4 modular guardrails. Here’s how it works under the hood 👇
🔍 PromptGuard 2 is a BERT-based jailbreak detector. It catches inputs like “Ignore all prior instructions,” even with obfuscation.
🧠 […]
It uses 4 modular guardrails. Here’s how it works under the hood 👇
🔍 PromptGuard 2 is a BERT-based jailbreak detector. It catches inputs like “Ignore all prior instructions,” even with obfuscation.
🧠 […]
Original post on infosec.exchange
infosec.exchange
May 1, 2025 at 7:04 AM
Meta released LlamaFirewall, a security layer built to protect LLM applications.
It uses 4 modular guardrails. Here’s how it works under the hood 👇
🔍 PromptGuard 2 is a BERT-based jailbreak detector. It catches inputs like “Ignore all prior instructions,” even with obfuscation.
🧠 […]
It uses 4 modular guardrails. Here’s how it works under the hood 👇
🔍 PromptGuard 2 is a BERT-based jailbreak detector. It catches inputs like “Ignore all prior instructions,” even with obfuscation.
🧠 […]
Reposted by mudpak
🤓 I believe that prompts are the IOCs of tomorrow!
Let me explain👇
Last week, Anthropic released a threat report about malicious uses of their AI model Claude. While the report is interesting, it is missing critical actionable insights to make it truly useful for threat analysts.
With AI […]
Let me explain👇
Last week, Anthropic released a threat report about malicious uses of their AI model Claude. While the report is interesting, it is missing critical actionable insights to make it truly useful for threat analysts.
With AI […]
Original post on infosec.exchange
infosec.exchange
April 29, 2025 at 8:35 PM
🤓 I believe that prompts are the IOCs of tomorrow!
Let me explain👇
Last week, Anthropic released a threat report about malicious uses of their AI model Claude. While the report is interesting, it is missing critical actionable insights to make it truly useful for threat analysts.
With AI […]
Let me explain👇
Last week, Anthropic released a threat report about malicious uses of their AI model Claude. While the report is interesting, it is missing critical actionable insights to make it truly useful for threat analysts.
With AI […]
Reposted by mudpak
New business card!
April 28, 2025 at 10:57 PM
New business card!
Reposted by mudpak
If you want to learn more I am running a detailed training here: https://store.securitybreak.io/ctiai
Practical GenAI for Threat Intel
This is the ultimate Generative AI threat intelligence course, it give you critical hands-on skills for real security challenges.
store.securitybreak.io
April 28, 2025 at 5:19 AM
If you want to learn more I am running a detailed training here: https://store.securitybreak.io/ctiai
Reposted by mudpak
A new prompt injection technique called "Policy Puppetry" has been released. It abuses how LLMs interpret structured prompts like XML, JSON, or INI files by crafting prompts that look like internal policy configurations.
In my case, I crafted an XML […]
[Original post on infosec.exchange]
In my case, I crafted an XML […]
[Original post on infosec.exchange]
April 28, 2025 at 5:19 AM
A new prompt injection technique called "Policy Puppetry" has been released. It abuses how LLMs interpret structured prompts like XML, JSON, or INI files by crafting prompts that look like internal policy configurations.
In my case, I crafted an XML […]
[Original post on infosec.exchange]
In my case, I crafted an XML […]
[Original post on infosec.exchange]
Reposted by mudpak
Interesting prompt injection technique dubbed Policy Puppetry that works on most models. I was interested to test it and wanted to give you a universal protection!
So I created a NOVA rule to block this technique. Below is the result 👇
📋 […]
[Original post on infosec.exchange]
So I created a NOVA rule to block this technique. Below is the result 👇
📋 […]
[Original post on infosec.exchange]
April 26, 2025 at 12:19 AM
Interesting prompt injection technique dubbed Policy Puppetry that works on most models. I was interested to test it and wanted to give you a universal protection!
So I created a NOVA rule to block this technique. Below is the result 👇
📋 […]
[Original post on infosec.exchange]
So I created a NOVA rule to block this technique. Below is the result 👇
📋 […]
[Original post on infosec.exchange]
Reposted by mudpak
🤓 I recently got new contributors and many questions about NOVA, the framework I created for AI Security, so here is a quick overview:
NOVA is a prompt pattern-matching system inspired by YARA, but instead of strings, you use keywords, semantics, and LLM-based detection.
🔍 Keyword Detection […]
NOVA is a prompt pattern-matching system inspired by YARA, but instead of strings, you use keywords, semantics, and LLM-based detection.
🔍 Keyword Detection […]
Original post on infosec.exchange
infosec.exchange
April 25, 2025 at 10:44 AM
🤓 I recently got new contributors and many questions about NOVA, the framework I created for AI Security, so here is a quick overview:
NOVA is a prompt pattern-matching system inspired by YARA, but instead of strings, you use keywords, semantics, and LLM-based detection.
🔍 Keyword Detection […]
NOVA is a prompt pattern-matching system inspired by YARA, but instead of strings, you use keywords, semantics, and LLM-based detection.
🔍 Keyword Detection […]
Reposted by mudpak
I found an old doodle in my archive that never made the cut for my book. I just updated it with my new design and thought I should share it. :)
April 23, 2025 at 5:30 AM
I found an old doodle in my archive that never made the cut for my book. I just updated it with my new design and thought I should share it. :)
Reposted by mudpak
🤓 I wrote a new blog post that shows how to use NOVA (the prompt pattern-matching) with MCP, to build your own LLM gateway and block any kind of malicious prompt!
Quick reminder about NOVA: unlike most LLM guardrails, NOVA uses customizable detection rules […]
[Original post on infosec.exchange]
Quick reminder about NOVA: unlike most LLM guardrails, NOVA uses customizable detection rules […]
[Original post on infosec.exchange]
April 22, 2025 at 5:40 AM
🤓 I wrote a new blog post that shows how to use NOVA (the prompt pattern-matching) with MCP, to build your own LLM gateway and block any kind of malicious prompt!
Quick reminder about NOVA: unlike most LLM guardrails, NOVA uses customizable detection rules […]
[Original post on infosec.exchange]
Quick reminder about NOVA: unlike most LLM guardrails, NOVA uses customizable detection rules […]
[Original post on infosec.exchange]