Classroom Glossary Public page

Week 1: The CVE-to-Tool Methodology, Recapped from ADV-101

Week 1 maps the ADV-101 CVE-to-Tool methodology onto the LLM-era target. You produce the two-page mapping table that anchors the rest of the course and sets your expectations.


Reading

  • Re-read ADV-101 Module 1 (CVE-to-Tool methodology) from your cohort archive.
  • Stuttard and Pinto, WAHH, Chapter 8 intro (SSTI overview). Roughly fifteen pages.
  • OWASP LLM Top 10 (current release), the LLM01 entry. Free.
  • Skim the public page for ADV-102 at vca-adv-102.html.

Lecture

Roughly three hours across two sessions. Key arc:

  • ADV-101 in one slide: classical CVE, full reproduction, defensible tool, coordinated-disclosure report. ADV-102 mirrors the shape.
  • Why LangChain plus CVE-2025-65106 is the right anchor for the LLM era.
  • What changed from ADV-101 to ADV-102. Different attack surface, same methodology.
  • The two-page mapping-table format. Cohort archive examples on the projector.
  • Forward pointer to Module 2: the LangChain architecture trace.

Lab pack

Lab Pack 1 produces the ADV-101 to ADV-102 mapping table. See Lab Pack 1.

Tools you will use

  • Your existing ADV-101 cohort archive for the mapping-table template.
  • A diagramming tool of your choice (the academy ships an ASCII template).

OWASP LLM and ASI anchor

CVE-2025-65106 is an instance of LLM01 Prompt Injection in the specific sense that the injection reaches a template renderer, not the model. The mapping table you produce this week makes that classification explicit.

Reflection prompts

  1. Name three structural similarities between an ADV-101 classical CVE and CVE-2025-65106.
  2. Name three structural differences.
  3. If you had to pick a different LLM-era CVE as the course anchor, which would you pick and why?

What is next

Module 2 opens the LangChain architecture. You stop talking about the CVE and start reading the framework code that hosts it.