Joseph Thacker (rez0)
AI Security, LLMs, and creative hacking

Joseph (rez0) is a pioneer in AI Security. His blog is the go-to resource for understanding how to hack LLM-integrated applications and the future of “AI-Powered Reconnaissance.”
Why Follow This Blog
Joseph Thacker combines active bug bounty hunting with cutting-edge AI security research. His practical approach to hacking LLM-integrated applications and his exploration of AI-powered security tools makes his blog essential reading for security professionals adapting to the AI era.
Key Topics Covered
AI & LLM Security
- Prompt Injection: Exploiting LLM-integrated applications
- AI Agent Attacks: Targeting autonomous AI systems
- RAG Exploitation: Attacking Retrieval-Augmented Generation systems
- LLM Jailbreaks: Bypassing AI safety mechanisms
- AI-Powered Recon: Using AI for vulnerability discovery
Bug Bounty Methodology
- Target Selection: Choosing high-value targets
- Recon Techniques: Modern reconnaissance approaches
- Vulnerability Chaining: Combining bugs for impact
- Report Writing: Effective vulnerability communication
Web Application Security
- Authentication Flaws: Login and session vulnerabilities
- Authorization Issues: Access control bypass
- API Security: REST and GraphQL exploitation
- Business Logic: Application-specific vulnerabilities
Productivity & Tools
- Automation: Streamlining security workflows
- Tool Development: Building custom security tools
- AI Assistants: Leveraging AI for security work
- Efficiency Tips: Working smarter as a researcher