This technical post walks through the design and implementation of Secure Playground: a local web app that simulates prompt-injection attacks against large language models and demonstrates simple defenses. Provide a minimal, reproducible environment to test payloads and defensive strategies. Make it easy to add new providers and run mutation-based red-team experiments. Offer a leaderboard and scor
Metasploitable2 - FTP Exploitation using vsftpd 2.3.4 Backdoor 1. Objective To identify and exploit a known vulnerability in an FTP service running on a vulnerable target machine using industry-standard reconnaissance and exploitation techniques. 2. Lab Environment Component Description Attacker Machine Kali Linux Target Machine Metasploitable2 Network Type Host-only / NAT
No build today. Just fundamentals. And honestly? It humbled me in the best way. Every automation I've built so far has relied on no-code/low-code tools like n8n to handle the logic. But I kept hitting moments where I thought , if I knew Python, I could do this faster, cleaner, and with more control. So I decided to fix that. And then I hit Exception Handling and File Handling and that's where thi
While learning python today, I spent some time understanding how the Python shell works and how modules behave inside it. The Python shell (or REPL) is basically an interactive environment where you can run code line-by-line. It's super useful when you just want to test something quickly instead of running a full script every time. While experimenting, I tried something interesting. I created a Py
This is Part 1 of a two-part series. Part 2 (coming soon): Connecting to spoke clusters from a controller using multicluster-runtime, driven by ClusterProfile. The Cluster Inventory API (multicluster.x-k8s.io) is driven by SIG-Multicluster and centered on the ClusterProfile resource. It only delivers value when something produces those ClusterProfiles. That something is a cluster manager. Today, t
When developers travel, we usually prepare the obvious things. Laptop charger. But there is one dependency that is easy to underestimate until it breaks: mobile internet. A trip to China makes this especially obvious. Not because China is hard to travel in, but because so many basic interactions are mobile-first: navigation, translation, ride-hailing, hotel communication, ticket confirmations, pay
I am currently working with the EA on their check for flooding team. I have been tasked to look at the 5 day river level charts with a view to add more historical data. This meant increasing the amount of data showed on the chart so users could compare the current river levels with the previous week, month or year. In order to proceed with some user research I needed to create a prototype of the r
We've been there. JSON Schema gets hard to write as soon as your payload is non-trivial. Conditional logic, cross-field rules, business invariants, and at some point we stop writing contracts at all. We go code-first, generate the schema from annotations, and end up with 200 lines very few understand, and error messages referencing paths like #/properties/items/allOf/0/then/Then that map to nothin