Hack in a box: Local Language Models for automating Red Teaming and penetration testing.
In this talk, we explore how small local language models (SLMs) can be seamlessly integrated into your red teaming and penetration testing workflows to optimise and speed up the discovery, scanning, and exploitation phases as well as report writing. Drawing from hands-on experience and previous engagements, this session will cover: Tool Integration & Enhancements: Learn how to craft and deploy custom tools that harness SLMs to automate routine tasks—boosting efficiency without compromising control or data privacy. We'll demonstrate integrations with popular security tools such as Nmap and Burp Suite, showing how SLMs can augment their functionality. Agentic AI Frameworks: We will go through the existing frameworks and demonstrate how the agentic frameworks work for penetration testing and red teaming. Workflow Enhancement & Prompt Tuning: Discover how to augment your traditional hacking methodologies with SLM-powered insights. We will show you how to fine-tune the models using simple prompt engineering—no coding required—so you can quickly adapt the technology to various phases of the attack lifecycle. Real-World Demonstrations & Open-Source Release: Experience live demos and code walkthroughs that highlight the potential—and limitations—of local language processing in offensive security. Human in the loop practices: How to set up your ai agents in a secure manner with human in the loop processes to control exploitation and potentially sensitive parts of the engagement The entire toolchain used in our demonstrations will be released open source on GitLab, providing a practical resource for immediate adoption. Whether you're a seasoned penetration tester or a red team professional looking to adopt cutting-edge techniques, this session offers a fresh perspective on leveraging local AI capabilities to enhance your offensive security operations. Discover how small language models can make a big impact on your hacking strategy—without relying on cloud-based systems.
Presented at Security Fest 2025.
Speaker: Thomas O (Skjortan)About Thomas O (Skjortan)
CTO and entrepreneur with a strong Cybersecurity and AI development background. Years of software development, penetration testing and risk analysis has led to his firm believe that information security and data protection should be a part of the design of any information system, not just an afterthought. Thomas is a multi time Black Hat speaker and the founder of the security conference sec-t.org
