Critical Thinking - Bug Bounty Podcast

Episode 102: Building Web Hacking Micro Agents with Jason Haddix

Dec 19, 2024
In this discussion, Jason Haddix, an expert in AI and offensive security, shares his insights into the innovative world of AI micro-agents in hacking. They explore how these tools can enhance web fuzzing and WAF bypass techniques. Jason emphasizes the importance of contextual knowledge and prompt engineering for optimally utilizing large language models. The dialogue also touches on ethical concerns in bug bounty programs and the significant role of automation in vulnerability assessment, shedding light on both innovations and challenges in the field.
ANECDOTE

Tesla's Hidden Acquisition

  • Jason Haddix's Acquisition Finder GPT uncovered Tesla's acquisition of a small insurance carrier.
  • This acquisition, too small for sites like Crunchbase, led to bug bounty rewards.
ADVICE

Prioritize Prompt Engineering

  • Focus on prompt engineering, even for AI agents, because it determines their effectiveness.
  • Prioritize prompt engineering at every step, as it's crucial for good micro-bots.
ADVICE

Force LLM Tool Use

  • To force cloud LLMs to use search tools, add urgency to your prompts.
  • Phrases like "the world is going to end" surprisingly improve tool usage.