
How to build an offensive AI security agent

submitted by
Style Pass
2025-01-17 16:00:50

A few weeks ago, I wrote about how LLMs could potentially disrupt the Application Security space. You can find that blog post here - The Future of Application Security: Integrating LLMs and AI Agents into Manual Workflows. Continuing with the same theme, I wanted to experiment with building an offensive AI security agent next, something like what the folks at XBOW, Ghost Security and ZeroPath are building. This is a fascinating space that is evolving at a rapid pace. And, although I haven't found any CVEs or 0-days yet, I was still able to build a working proof of concept in a matter of a few hours that can tackle a pretty well known vulnerability class: analyzing JavaScript files for API endpoints and then using those endpoints to perform a series of offensive activities to uncover potential security vulnerabilities. Bug bounty hunters and security researchers have automated bits and pieces of this process over the years, but the process end to end is still manual and time consuming. With agentic AI, we are getting closer to automating the entire process. And this blog post is my attempt at showing how this vulnerability class, along with (hopefully) others, can be tackled using LLMs. So, let's get started.
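The first half of that workflow, pulling API endpoints out of a JavaScript bundle so that later steps have something to attack, is worth seeing in code. The following is an added example written for this page, not the author's agent or the lab code described below. It runs over a constructed JavaScript snippet (embedded inline, not taken from any real application), resolves `${CONST}` placeholders from string constants defined in the same file, infers the HTTP method from the enclosing `fetch`/`axios` call, strips query strings and drops static assets. The `Endpoint` type and the function name are my own choices.

```python
from __future__ import annotations

import re
from dataclasses import dataclass


@dataclass(frozen=True, order=True)
class Endpoint:
    path: str
    method: str  # "GET", "POST", ... or "?" when the literal is not inside a call


# Constructed sample input (not the post's lab file): the kind of front-end
# JavaScript a bundler emits, with API paths in fetch/axios calls, string
# constants and template literals.
SAMPLE_JS = r"""
const API_BASE = "/api/v1";
async function loadUser(id) {
  return fetch(`${API_BASE}/users/${id}`, { method: "GET" });
}
function updateProfile(data) {
  return axios.post("/api/v1/profile/update", data);
}
const ADMIN_USERS = '/api/v1/admin/users';
fetch("/api/v1/export?format=csv").then(r => r.blob());
axios.delete(`${API_BASE}/sessions/${sid}`);
const css = "/static/app.css";
"""

# string constants: const NAME = "value"
CONST_RE = re.compile(r"""(?:const|let|var)\s+(\w+)\s*=\s*["']([^"']+)["']""")
# quoted literals that look like a URL, an absolute path, or a template starting with ${...}
LITERAL_RE = re.compile(r"""(["'`])((?:https?://|/|\$\{\w+\})[^"'`\s]*)\1""")
PLACEHOLDER_RE = re.compile(r"\$\{(\w+)\}")
AXIOS_RE = re.compile(r"axios\.(get|post|put|patch|delete)\s*\(\s*$", re.I)
FETCH_RE = re.compile(r"\bfetch\s*\(\s*$")
METHOD_OPT_RE = re.compile(r"""method\s*:\s*["'`](\w+)["'`]""", re.I)
STATIC_EXT = (".css", ".js", ".map", ".png", ".jpg", ".svg", ".ico", ".woff", ".woff2")


def extract_endpoints(js: str) -> list[Endpoint]:
    """Return the distinct (path, method) pairs referenced by a JavaScript source."""
    consts = dict(CONST_RE.findall(js))
    # A constant used as a prefix inside a template literal is a base URL, not an endpoint.
    bases = {consts[n] for n in PLACEHOLDER_RE.findall(js) if n in consts}
    found: set[Endpoint] = set()
    for m in LITERAL_RE.finditer(js):
        raw = m.group(2)
        # Resolve ${CONST} from known string constants; any other placeholder becomes {param}.
        path = PLACEHOLDER_RE.sub(lambda p: consts.get(p.group(1), "{" + p.group(1) + "}"), raw)
        path = path.split("?", 1)[0]  # the query string is not part of the route
        if raw in bases or path.lower().endswith(STATIC_EXT):
            continue
        # Look at the call that wraps the literal to infer the HTTP method.
        before = js[max(0, m.start() - 30):m.start()]
        after = js[m.end():m.end() + 120]
        method = "?"
        if (am := AXIOS_RE.search(before)):
            method = am.group(1).upper()
        elif FETCH_RE.search(before):
            hm = METHOD_OPT_RE.search(after)
            method = hm.group(1).upper() if hm else "GET"  # fetch() defaults to GET
        found.add(Endpoint(path, method))
    return sorted(found)


if __name__ == "__main__":
    for ep in extract_endpoints(SAMPLE_JS):
        print(f"{ep.method:7} {ep.path}")
```

The output of this pass (a method and a route template per line) is exactly the target list that the later, offensive steps of the workflow consume. Being regex-based rather than AST-based, it misses paths built by string concatenation and anything a minifier has mangled; those gaps are where an LLM reading the bundle can add value over a fixed pattern set.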

Before building the agent itself, we first need a lab: a vulnerable server serving a JavaScript file with some vulnerabilities in it. I used Claude 3.5 Sonnet to create this. It is a Python file that looks like this:
