Finding holes in software has employed “fuzzing”, where you send completely random payloads, as a research tactic for quite a while (and it has found exploits). LLMs just seem like “educated” fuzzing, I don’t see why anyone would complain about updating your suite with them.
I’ve been fucking around with using Claude to solve CTF challenges. I’m using a harness built out of a custom agent I wrote that progressively loads specific a specific skill for the challenge category, cryptography, binary exploitation, reverse engineering, forensics, etc.
It’s solving the simple shit in <1m using sonnet. It’s solved some shit that I couldn’t figure out at all during the CTF in the time limit we had in ~20 minutes. There’s been 2 challenges that after about 25 minutes I’ll kill the agent working on it, change to opus, then opus solved them in about 20m. One crypto challenge was so math heavy i never would have figured it out. One bin exp challenge didn’t provide a local binary, everything was remote. There was a catch that I never would have solved bc it was remote only and I couldn’t locally debug it.
It’s fucking scary good at solving these things. I just prompt with “use <agent> to solve ./category/challenge/“ and it fully just does everything. It’s definitely akin a fuzzer that can be used for way more than just finding crashes and memory leaks. It takes some work and understanding to make it context/token efficient I think, but it lowers the bar so tremendously that I definitely see why there’s concern here. And again it’s solving most of these things with sonnet, not even opus and definitely not fable.
All told, this feels like the same panic that happened when metasploit first got released/demo’d at defcon back in the day.
As long as they produce a PoC like fuzzing tools, I don’t think anyone is complaining
It’s the theoretical attacks that nearly always turn out to be impossible, wasting time, and making it harder to find the real issues that need investigation that’s the problem with slop reports
Finding holes in software has employed “fuzzing”, where you send completely random payloads, as a research tactic for quite a while (and it has found exploits). LLMs just seem like “educated” fuzzing, I don’t see why anyone would complain about updating your suite with them.
I’ve been fucking around with using Claude to solve CTF challenges. I’m using a harness built out of a custom agent I wrote that progressively loads specific a specific skill for the challenge category, cryptography, binary exploitation, reverse engineering, forensics, etc.
It’s solving the simple shit in <1m using sonnet. It’s solved some shit that I couldn’t figure out at all during the CTF in the time limit we had in ~20 minutes. There’s been 2 challenges that after about 25 minutes I’ll kill the agent working on it, change to opus, then opus solved them in about 20m. One crypto challenge was so math heavy i never would have figured it out. One bin exp challenge didn’t provide a local binary, everything was remote. There was a catch that I never would have solved bc it was remote only and I couldn’t locally debug it.
It’s fucking scary good at solving these things. I just prompt with “use <agent> to solve ./category/challenge/“ and it fully just does everything. It’s definitely akin a fuzzer that can be used for way more than just finding crashes and memory leaks. It takes some work and understanding to make it context/token efficient I think, but it lowers the bar so tremendously that I definitely see why there’s concern here. And again it’s solving most of these things with sonnet, not even opus and definitely not fable.
All told, this feels like the same panic that happened when metasploit first got released/demo’d at defcon back in the day.
As long as they produce a PoC like fuzzing tools, I don’t think anyone is complaining
It’s the theoretical attacks that nearly always turn out to be impossible, wasting time, and making it harder to find the real issues that need investigation that’s the problem with slop reports