Capture the Flag of ChatGPT through Prompt Injection

Khalid AlnajjarAI, Hacking, Security Leave a Comment

Large Language Models such as ChatGPT are phenomenal, they are capable of performing a wide range of tasks such as summarization, translation, programming and way more. However, many companies offering LLM use input prompts and interactions with the models as training data to improve the capabilities of the model. With that, a risk of having the model reveal sensitive information …

How to Take Screenshots of Secure Conversations on Android

Khalid AlnajjarAndroid, Security Leave a Comment

Google has introduced a feature to Android that prevents taking screenshots or recording the screen when sensitive information are present. Developers decide whether the information is sensitive or not. For instance, most banking apps restrict you from taking screenshots to prevent sharing sensitive information that would lead to stealing your credentials. When taking a screenshot of such information, a message …

Stealthy Crawling using Scrapy, Tor and Privoxy

Khalid AlnajjarProgramming, Security Leave a Comment

Sometimes one needs to crawl certain information online as part of their project. However, websites do not like crawlers much because of obvious reasons. As a result, websites would implement a mechanism for blocking crawlers. In this post, I will explain how to crawl websites without exposing your information and, in case the crawler got blocked, it is capable of …

Hacking Jeff – Writeup

Khalid AlnajjarHacking, Security Leave a Comment

Jeff has started his web development but little did he know that hackers are always ready to break in, at any day and time. Jeff’s website is accessible through a virtual machine via tryhackme.com (a platform for learning and practicing penetration testing). Let’s see whether we can pwn his web server or not. Deploy Jeff’s machine and let the fun …

Ivacy VPN: a VPN you should not use

Khalid AlnajjarSecurity Leave a Comment

Ivacy VPN, the VPN that suddenly got so popular because of their affordable prices and, based on their claims, fast speed and zero-log policy. I heard about it around a year ago from a friend, who had some compliments and complaints about it. When I was comparing VPN providers for a blog post, I had Ivacy VPN on my draft. ...

Personal VPN to Bypass Internet Censorship, VPN Blocking and Bandwidth Throttling

Khalid AlnajjarSecurity Leave a Comment

Having a VPN, Virtual Private Network, is essential nowadays for many reasons, such as accessing restricted content by your ISP or government, bypassing geographically restricted content, protecting your privacy, and so on. In an earlier post, I have reviewed the top three VPN providers. If you are looking for a secure and affordable VPN provider, Private Internet Access is an ...

How to create multiple accounts on a website using one email

Khalid AlnajjarSecurity Leave a Comment

Whenever I want to create a new product, such as a website, bot, mobile app, I immediately create its social accounts (Facebook, Instagram, Twitter, ... etc) right after deciding what the name of the product is going to be. However, creating a new email for every product is annoying. Filling out forms, confirming your identity, recalling/storing multiple credentials, checking the ...

3 Top VPN providers and which VPN to use

Khalid AlnajjarSecurity Leave a Comment

There are enormous reasons why you should use a VPN, including, but not limited to, protecting your privacy by hiding your browsing history from your ISP or local network, permitting access to some geo-blocked content (e.g. playing Pokémon Go before its officially released in your country), bypassing your ISP's internet censorship, and many more. However, there is a tremendous number of VPN providers available ...