BlueHat India 2024

Pentest Copilot: Redefining Penetration Testing with LLMs

We took Pentest Copilot to BlueHat India 2024, Microsoft Security Response Center's security conference, and presented how LLMs can be wired into real penetration testing workflows.

The talk walks through the open source version of Pentest Copilot: how it uses chain-of-thought reasoning and RAG to keep the model grounded, how it automates sub-tasks like tool usage and output interpretation, and the in-browser pentesting infrastructure it runs on. It is the same line of work that became our research paper and eventually Pentest Copilot Enterprise.