Hack in a box: Local Language Models for automating Red Teaming and penetration testing
Thomas O (Skjortan)
Security Fest 2025 · Day 1 · Main Stage
In his Security Fest talk, "Local Language Models for automating Red Teaming and penetration testing," Thomas O (Skjortan), CTO of Fio, delves into the ambitious endeavor of leveraging local Large Language Models (LLMs) and AI agents to automate significant portions of red teaming and penetration testing workflows. The presentation highlights the speaker's journey in building an **MCP (Model-tool Communication Protocol) server** that integrates various hacking tools, aiming to streamline and enhance the efficiency of security assessments. Thomas O shares candid insights into the current state of both traditional pentesting tools and nascent AI agentic frameworks, ultimately presenting a proof-of-concept system designed to tackle the tedious and repetitive aspects of security testing.