AI + Security
Clint Gibler
Open original sourceRetained excerpt
AI + Security Bullying LLMs into submission to find 0days at scale Andy Gill writes about the autonomous vulnerability hunting system he has been building since early 2026 using Claude Code and MCP. Eight MCP servers with 300+ tools run across five Proxmox VMs, covering binary staging and decompilation (Ghidra, radare2, Frida), and fuzzing across Windows and macOS targets. Everything the infrastructure produces has to survive a hallucination bin that requires a working PoC, clean-VM reproduction, an exploitable crash, and standard-user trigger. A RAG index over past crashes, findings, and defenses keeps new campaigns from re-running dead ends. Results include two CVEs in Go's standard library from grammar-based fuzzing, an OEM service 0-day chained to SYSTEM, and a mix of LPEs, RCEs, and UAFs on Windows and macOS. Andy picks targets by what pays, how often patches ship, and whether other hunters are already there. Even the campaigns that miss pay off, because every dead end feeds the…
This limited excerpt is retained to explain the source trail. Rights remain with the original publisher.