{"code":"LQVWHG","speakers":[{"code":"JSTPKN","name":"Niels Pfau","biography":"Niels is a Red Teamer at Mantodea Security who is well-known for (accidentally) breaking things, even if he doesn't want to. His work is focused on red team operations and researching technology on a low level in the hopes of finding just one more bug.","avatar":"http://cfp.bsidesvienna.at/media/avatars/Untitled_NPhIo5D.png"}],"title":"Hey Claude, find 0days - Using AI for Vulnerability Research & Red Teaming","submission_type":{"en":"Medium Talk"},"track":{"en":"Mittlerer Saal (Track 1 - 260 pax)"},"state":"confirmed","abstract":"\"Friends don't let friends upload their tradecraft to VirusTotal\", but what about AI? More and more companies are integrating AI into their pipelines and workflows, and we can see headlines of AI finding hundreds of bugs everywhere online. So how can we integrate this technology into our work without burning our tradecraft - is this even possible?","description":"We'll examine the capabilities of AI itself, how we can integrate it into our research to find more bugs more quickly, and how well it can be used for weaponization. To visualize this, we'll walk through at least one real-world vulnerability: my original approach, how that approach can be improved by AI, and to what degree.\r\n\r\nBut the advantages of AI come at a (hidden) cost: we're sharing everything with a third party, be it Anthropic, Google, or whoever. Would you upload your C2 beacon to VirusTotal during a Red Team? So, where exactly should we draw the line on AI?","duration":45,"slot_count":1,"do_not_record":false,"is_featured":false,"content_locale":"en","slot":{"room":{"en":"Mittlerer Saal (Track 1)"},"start":"2026-06-27T10:20:00+02:00","end":"2026-06-27T11:05:00+02:00"},"image":null,"resources":[]}