Hands-on research at the intersection of offensive security and AI systems. This repo documents my practical work across LLM threat modelling, prompt injection testing, agentic AI attack surfaces, and AI red teaming techniques.
Active lab work from HTB Certified Offensive AI Expert (COAE) and independent research conducted alongside governance work in regulated financial services.
Techniques for direct and indirect prompt injection across LLM-integrated applications. Testing trust boundaries between user input, system prompts, and tool-calling behaviour in agentic systems.
Attack surface analysis of Retrieval-Augmented Generation architectures — data poisoning via vector store manipulation, context window abuse, and embedding inversion techniques.
STRIDE-based threat models for multi-agent systems built on frameworks including Griptape and Google ADK. Focus on privilege escalation between agents, insecure tool use, and lateral movement via compromised context.
Exploratory work on membership inference and model extraction via API interaction patterns.
- /threat-models STRIDE threat models for common AI architectures
- /prompt-injection PoC payloads and bypass techniques
- /rag-attacks Vector store poisoning and retrieval manipulation
- /agentic-systems Multi-agent attack surface research
- /htb-labs Write-ups from HTB COAE modules (where permitted)
- HTB Certified Offensive AI Expert (COAE) — In Progress
- ISO 42001 — AI Management Systems (PECB)
Threat modelling follows STRIDE. Attack techniques are mapped to OWASP Top 10 for LLMs and MITRE ATLAS where applicable.
All research is conducted in controlled lab environments.
This repo grows as the research does. Follow for updates.