<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>DSEC Labs Blog</title><description>Technical security audits and offensive security for AI, Web3 and Web2: AI red teaming, smart-contract &amp; DeFi audits, application &amp; API penetration testing, cloud security, and identity/secrets advisory.</description><link>https://dseclabs.xyz</link><language>en-us</language><item><title>Build Your Own Gandalf: A Local Prompt-Injection Lab You Can Actually Break</title><link>https://dseclabs.xyz/blog/build-your-own-gandalf</link><guid isPermaLink="true">https://dseclabs.xyz/blog/build-your-own-gandalf</guid><description>Skip reading about how Gandalf-style guardrails work and build one yourself. A free, offline Python lab using Ollama that implements all eight defense patterns from this series, ready for you to attack.</description><pubDate>Wed, 15 Jul 2026 00:00:00 GMT</pubDate><category>prompt-injection</category><category>gandalf</category><category>llm</category><category>ai</category><category>red-teaming</category></item><item><title>Beating Gandalf, Part 3: Defense in Depth, Level 7 &amp; Gandalf the White</title><link>https://dseclabs.xyz/blog/beating-gandalf-level-7-and-the-white</link><guid isPermaLink="true">https://dseclabs.xyz/blog/beating-gandalf-level-7-and-the-white</guid><description>The final Gandalf levels stack every defense and then harden them with data from a million real attacks. They&apos;re beatable too, and that&apos;s the most important lesson in the whole series.</description><pubDate>Fri, 10 Jul 2026 00:00:00 GMT</pubDate><category>prompt-injection</category><category>gandalf</category><category>llm</category><category>red-teaming</category><category>ai</category></item><item><title>Beating Gandalf, Part 2: When the Guardrail Is Another LLM (Levels 4–6)</title><link>https://dseclabs.xyz/blog/beating-gandalf-levels-4-6</link><guid isPermaLink="true">https://dseclabs.xyz/blog/beating-gandalf-levels-4-6</guid><description>Levels 4–6 replace dumb string filters with LLM-as-judge guards on the input and output. Smarter, harder, and still beatable with indirection. Here&apos;s how, and what the actual guard code looks like.</description><pubDate>Mon, 06 Jul 2026 00:00:00 GMT</pubDate><category>prompt-injection</category><category>gandalf</category><category>llm</category><category>jailbreak</category><category>ai</category></item><item><title>Beating Gandalf, Part 1: From No Rules to Output Filters (Levels 1–3)</title><link>https://dseclabs.xyz/blog/beating-gandalf-levels-1-3</link><guid isPermaLink="true">https://dseclabs.xyz/blog/beating-gandalf-levels-1-3</guid><description>The first three Gandalf levels take you from &quot;just ask&quot; to defeating a deterministic output filter with encoding. A hands-on tour of the weakest LLM guardrails and why they fold.</description><pubDate>Fri, 03 Jul 2026 00:00:00 GMT</pubDate><category>prompt-injection</category><category>gandalf</category><category>llm</category><category>jailbreak</category><category>ai</category></item><item><title>Prompt Injection, Explained Through Lakera&apos;s Gandalf</title><link>https://dseclabs.xyz/blog/prompt-injection-explained-with-gandalf</link><guid isPermaLink="true">https://dseclabs.xyz/blog/prompt-injection-explained-with-gandalf</guid><description>Lakera&apos;s Gandalf is the best on-ramp to prompt injection ever built. Here&apos;s the full defense taxonomy behind its levels, and why none of it is enough on its own.</description><pubDate>Wed, 01 Jul 2026 00:00:00 GMT</pubDate><category>ai</category><category>llm</category><category>prompt-injection</category><category>gandalf</category><category>lakera</category><category>red-teaming</category></item></channel></rss>