Using AI and LLMs to Supercharge Offensive and Defensive Security

How to leverage AI and LLMs for both offensive and defensive Security

Your instructor is Martin Voelk. He is a Cyber Security veteran with 25 years of experience. Martin holds some of the highest certification incl. CISSP, OSCP, OSWP, Portswigger BSCP, CCIE, PCI ISA and PCIP. He works as a consultant for a big tech company and engages in Bug Bounty programs where he found thousands of critical and high vulnerabilities.

This course has a both theory and practical lab sections The videos are easy to follow along and replicate.

The course features the following:

• AI/LLM Introduction
• Models / UIs and local setup
• Most common LLM Models
• Privacy
• RAG (Retrieval Augmented Generation)
• Front Ends (Open WebUI, jan ai, lmstudio etc.)
• Ollama
• Huggingface

Prompting

• Basics
• Prompt Engineering
• Zero-shot, few-shot, Chain of Thought
• System Prompts
• Make your own bots
• Prompt leakage
• Jailbreaking
• Troubleshooting
• API usage

Tools

• Yolo
• Fabric
• LLM CLI

Burp AI Features

• Explore Issue Feature
• Explainer Feature
• AI Login Sequence
• Broken Access Control
• Shadow Repeater
• AI HTTP Analyzer
• LM Report

Using AI/LLM for Offensive Security

• Create Pentest bots and examples
• Create Redteam bots and examples
• HDI attack generation
• C&C attack generation

Using AI/LLM for Defensive Security

• Create Blue Team bots and examples
• Incident Response bot
• Tool support companion bots
• Code analysis bots

Notes & Disclaimer

This course is for educational purposes only. This information is not to be used for malicious exploitation and must only be used on targets you have permission to attack.