I found a CSRF in ollama's self-hostable API, which may have also lead to me coming up with a new class of LLM vulnerabilities hehehe| blog.jaisal.dev
I reverse engineered the discord mobile API to create a vencord plugin to search for messages across discord DM and group channels.| blog.jaisal.dev
I created a new attack called clipjacking. One might even call it clickjacking but better. Read the post and I'll show you how to do it and some potential applications.| Jaisal's Blog
Short yap session about this page and all that. Hopefully I don't bore you with the other posts.| blog.jaisal.dev
Yeah I think the title says it all. Jorian and I penetration tested the model context protocol and had some fun breaking it. We ended up hacking a range of things, from cloud infrastructure to crypto| blog.jaisal.dev