taku – Author –

[AI Security] Disabling specific classes by tampering with the model | HackTheBox Fuel Crisis Writeup
We are now in an era where AI not only "learns and makes decisions," but the models that make those decisions are themselves targets of attack. In particular, the weights and biases of a machine learning model are central to determining its output, and tampering with them can intentionally distort prediction results. Such models...
[AI Security] Attacking AI-Negotiated Ransomware with Prompt Injection | HackTheBox TrynaSob Ransomware Writeup
We are now in an era where AI is no longer just a "conversational partner" but can also be a tool for attackers. In recent years, even in the world of ransomware, AI negotiation bots have appeared that automate interactions with victims, streamlining ransom payments. However, the authority and information that this AI possesses...
[AI Security] AI Agent Hijacking Exploiting OpenAI Function Calling: Practice and Defense Strategies Explained! HackTheBox Loyalty Survey Writeup
The evolution of AI has already gone beyond simply conversing with humans. Recent large language models (LLMs) can call external functions and APIs in response to user requests, running actual systems and services. OpenAI's Function Calling feature...
[AI Security] Tricking an LLM with Prompt Injection | HackTheBox External Affairs Writeup
We live in an age where AI is acting as a proxy for human decision-making. What would happen if we could "trick" that AI just a little? This time, we took on a CTF challenge to break through international travel screening using AI. We used prompt injection, a technique that exploits a weakness in large language models (LLMs).
[Practical Guide] Hacking with RCE from SSTI Vulnerability on HackTheBox! Learn the Causes and Countermeasures of Vulnerabilities | Spookifier Writeup
Template engines are widely used in web applications to combine HTML and data to generate displays. For example, template engines are used on the backend to embed usernames, post contents, and other information into HTML. However,...
How to get started with Hack The Box | A thorough comparison of free and paid plans, Labs and Academy
Many people who aspire to become security engineers and want to improve their skills through CTFs may have become interested in Hack The Box (HTB) with this in mind. However, when you actually look at the official website, you'll see a wide variety of services (Labs, Academy, CTF, Business, etc.) lined up...
How to build a web app that automatically generates LPs in ChatGPT + Next.js [OpenAI API + Next.js + Tailwind CSS]
Recently, no-code AI tools like "Readdy" have been attracting attention. We are now in an age where anyone can easily use AI, but have you ever thought, "I want to incorporate AI into my services" or "I want to customize it more freely"? In this article, we will introduce the following...
I created an image generation app using Next.js and OpenAI API-DALL·E 3 (Tailwind CSS compatible)
Have you ever wanted to actually incorporate the recently talked-about image generation AI into your app? In this article, we will show you how to build a simple image generation app using Next.js (App Router), Tailwind CSS, and OpenAI's Image Generation API (DALL·E 3)...
I tried creating a chatbot using the OpenAI API [Next.js + Tailwind CSS]
Recently, more and more people are using OpenAI's API to create their own chatbots and business assistants. This article shows you how to build a simple, easy-to-customize chat UI using Next.js (App Router) and Tailwind CSS. OpenAI chat...
Is Coolify automatically exited? The true nature of the problem that stops every day [v4.0.0-beta.420.1]
I was faced with this mysterious phenomenon where an app I deployed on Coolify automatically ends up exiting at a certain time every day. At first I thought, "Is it stopped because I haven't set up a Health check?" and looked around the settings, but I couldn't find any particular cause...