About RealSecurity Labs
RealSecurity Labs is an independent security research practice run by a penetration tester and bug-bounty hunter with a long background in IT and product work. We focus on AI-enabled applications and the modern web, the places where off-the-shelf tooling tends to miss things and patient, methodical testing pays off.

What we work on

  • AI and LLM security: prompt injection (direct, indirect, and RAG), guardrail bypass, agent and tool abuse, and threat modeling for autonomous systems.
  • Application security: authorization flaws (IDOR, BOLA, BFLA), business-logic and state-machine bugs, and client-side issues in single-page apps.
  • Cloud and infrastructure: SSRF, identity and metadata trust boundaries, and proving real out-of-band impact instead of stopping at a status code.

Our research shows up in public advisories too. CVE-2026-0766, a remote code execution bug in OpenWebUI, is one recent example, and we publish those writeups in full here.

AiDx

We build AiDx, a lab for breaking layered AI defenses the way real attackers do. Modern AI apps stack guardrails: an input filter here, an output classifier there, a system prompt full of rules, maybe a human approving the risky actions. A single payload rarely beats all of that at once. AiDx lets us peel off each layer with the technique suited to it, then combine the pieces into one chain that gets through. Once we have that AI-layer foothold, the rest of the engagement runs on the usual pentest toolkit.

How we work

Every finding is verified against an oracle: a state change, persistence, or an out-of-band callback. We do not claim a bug from a status code alone. We map issues to the frameworks teams already use (OWASP, MITRE ATLAS, STRIDE) so the people who have to fix them can act. We only test with explicit authorization and inside agreed scope.
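The oracle rule above, and the "proving real out-of-band impact instead of stopping at a status code" point in the cloud bullet, both come down to the same check: a finding is confirmed only when an observable side effect is tied to the specific probe that caused it. The snippet below is an added illustration written for this page, not RealSecurity Labs' tooling. It assumes a hypothetical out-of-band listener whose log has the form `<timestamp> <dns|http> <queried-host>`; the log lines, the canary value and the five-minute window are constructed for the example.

```python
import re
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed listener log (hypothetical format: "<ts> <proto> <queried-host>").
# The canary "a1b2c3d4" was embedded in the hostname the target was asked to fetch.
OOB_LOG = """\
2026-03-01T10:00:00Z dns a1b2c3d4.oob.example
2026-03-01T10:00:01Z http a1b2c3d4.oob.example
2026-03-01T10:00:05Z dns unrelated.oob.example
2026-03-01T12:00:00Z dns a1b2c3d4.oob.example
"""

LOG_RE = re.compile(r"^(?P<ts>\S+) (?P<proto>dns|http) (?P<host>\S+)$")


def new_canary():
    """Fresh per-probe token so a callback can be tied to the request that caused it."""
    return secrets.token_hex(4)


def parse_ts(s):
    """Parse an ISO-8601 timestamp with a trailing Z into an aware datetime."""
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


@dataclass
class Probe:
    """One SSRF candidate: the canary we sent, when we sent it, and what the app answered."""
    canary: str
    sent_at: datetime
    status_code: int
    window: timedelta = timedelta(minutes=5)


def parse_log(text):
    """Turn listener log lines into dicts; lines that do not match the format are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:
            entries.append({"ts": parse_ts(m["ts"]), "proto": m["proto"], "host": m["host"]})
    return entries


def callbacks_for(probe, entries):
    """Callbacks that carry this probe's canary and arrived inside its time window.

    Both conditions matter: a canary hit hours later is more likely a scanner or a
    cached resolver than the request we just sent.
    """
    deadline = probe.sent_at + probe.window
    return [e for e in entries
            if probe.canary in e["host"] and probe.sent_at <= e["ts"] <= deadline]


def verdict(probe, log_text):
    """Classify a probe strictly on the oracle, never on the HTTP status alone."""
    if callbacks_for(probe, parse_log(log_text)):
        return "confirmed"          # the target really reached out to us
    if 200 <= probe.status_code < 400:
        return "unconfirmed"        # a 2xx/3xx with no callback proves nothing
    return "no_evidence"            # error response and no callback


if __name__ == "__main__":
    sent = parse_ts("2026-03-01T09:59:30Z")
    print(verdict(Probe("a1b2c3d4", sent, 500), OOB_LOG))  # confirmed despite the 500
    print(verdict(Probe("ffffffff", sent, 200), OOB_LOG))  # unconfirmed despite the 200
```

Note that the first probe is confirmed even though the application answered 500, and the second stays unconfirmed even though it answered 200; the status code is evidence about the application's error handling, not about whether the request left the box.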

Contact

For research collaboration or assessment work, use the contact details shared in the relevant engagement. We do not run unsolicited tests.