Research Notes

Writing on AI Security, Social Engineering, and Offensive Methodology

A collection of research notes, essays, technical explainers, and working ideas focused on AI/LLM security, emerging AI-enabled social engineering, SPECTRA development, and practical offensive security methodology.

Featured Research

Start here

Published

SPECTRA White Paper

A technical white paper proposing a framework for context-aware AI security testing, focused on system-level risk, attack chains, business impact, and remediation mapping.

Drafting

Why AI Security Testing Has a Context Problem

A research note explaining why generic prompt coverage often fails to determine whether an AI system failure creates meaningful real-world risk.

Drafting

The Future of Social Engineering Is AI-Enabled

An analysis of how generative AI changes reconnaissance, phishing, vishing, impersonation, synthetic identity, and human trust exploitation.

Drafting

Research Themes

Main areas of focus

These themes define the main areas I am researching, writing about, and building around as AI systems become more connected to data, tools, workflows, and human decision-making.

AI/LLM Security

Prompt injection, RAG exposure, model behavior, system prompt leakage, tool misuse, guardrail bypass, and AI application risk.

Emerging AI-Enabled Social Engineering

AI-assisted reconnaissance, synthetic personas, phishing and vishing evolution, impersonation risk, pretext generation, and trust signals.

SPECTRA Development

Framework notes, roadmap updates, methodology refinements, attack chain logic, context-aware testing concepts, and tooling ideas.

Offensive Security Methodology

Practical notes on testing structure, finding development, reporting, risk communication, and impact.

Categories

Research lanes

SPECTRA Development Notes

Introducing SPECTRA, model testing vs. system testing, from prompt failure to business impact, and building the framework in public.

Building

AI/LLM Security Notes

Prompt injection as a symptom, RAG security as authorization, agent attack surface, and writing better AI security findings.

Building

AI-Enabled Social Engineering Notes

The future of social engineering, deepfakes beyond the hype, synthetic identity, and AI agents as deception infrastructure.

Building

Offensive Security Methodology

How to turn technical observations into findings, why attack paths matter, and why operator judgment still matters.

Building

All Research Notes

Living research index

Research notes will be published here as they are drafted, refined, and released.

Why AI Security Testing Has a Context Problem

AI/LLM Security · Drafting · Generic payload coverage can identify model behavior, but it does not always explain whether a failure matters in a real system.

Model Testing vs. System Testing

SPECTRA · Drafting · The difference between proving model manipulation and proving system-level impact.

RAG Security Is an Authorization Problem

AI/LLM Security · Planned · How retrieval systems can fail when authorization, indexing, and access control are not designed for adversarial input.