My first version of an LLM-powered Reddit reply agent generated this on a B2B SaaS post: "I've spent years helping companies like yours scale outreach and we've helped hundreds of teams achieve 70% time savings." Every word of that is fabricated. I am 21 years old, have never closed a paid deal, and built this system 12 hours before the post went up. The next 24 hours were spent making it not lie.
I Trained My Own LLM from Scratch in 2025: What That Viral HN Tutorial Doesn't Tell You About the Real Cost I was scrolling HN on a Tuesday night when I saw the post: "Train Your Own LLM from Scratch", 241 points, 87 comments, and an energy in the thread I recognized immediately — the same one from "I built my own email server" or "I replaced Docker with bash scripts" threads. A mix of genuine t
Entrené mi propio LLM desde cero en 2025: lo que el tutorial viral de HN no te dice sobre el costo real Estaba revisando HN un martes a la noche cuando vi el post: "Train Your Own LLM from Scratch", 241 puntos, 87 comentarios, y una energía en el hilo que reconocí de inmediato — la misma que tienen los threads de "construí mi propio servidor de email" o "reemplacé Docker con scripts de bash". Me
The Problem If you are building AI applications with LLMs, you know the pain: raw HTML is useless for training data. You need clean, structured Markdown. Most solutions like Firecrawl or Crawl4AI require setup, dependencies, and often paid plans. You could write your own parser: import re import urllib.request def html_to_markdown(url): html = urllib.request.urlopen(url).read().decode()
This technical post walks through the design and implementation of Secure Playground: a local web app that simulates prompt-injection attacks against large language models and demonstrates simple defenses. Provide a minimal, reproducible environment to test payloads and defensive strategies. Make it easy to add new providers and run mutation-based red-team experiments. Offer a leaderboard and scor
The pattern in AI coding tools has been bugging me for a while. You sign up for one of them. You agree to a per-seat subscription. You get exactly one model: the one the vendor picked for you. Underneath, the whole thing is glued to that vendor’s SDK, so even if you wanted to swap models, you couldn’t without forking. Then the next month, a better model ships from a different vendor, and you’re st
Book: LLM Observability Pocket Guide: Picking the Right Tracing & Evals Tools for Your Team Also by me: Thinking in Go (2-book series) — Complete Guide to Go Programming + Hexagonal Architecture in Go My project: Hermes IDE | GitHub — an IDE for developers who ship with Claude Code and other AI coding tools Me: xgabriel.com | GitHub A customer pasted three sentences from the assistant in
Metasploitable2 - FTP Exploitation using vsftpd 2.3.4 Backdoor 1. Objective To identify and exploit a known vulnerability in an FTP service running on a vulnerable target machine using industry-standard reconnaissance and exploitation techniques. 2. Lab Environment Component Description Attacker Machine Kali Linux Target Machine Metasploitable2 Network Type Host-only / NAT