2025-09-19 –, Tesla
This talk introduces Agent 47, named after the fictional Hitman character, to reflect its stealth, precision, and effectiveness. Agent 47 is a compact, LLM-powered red teaming agent I developed to automate key offensive phases, recon, exploitation, and persistence on minimal hardware, such as a Raspberry Pi or compromised systems.
This presentation introduces Agent 47, named after the fictional Hitman character for its stealthy, precise, and efficient nature. Agent 47 is an advanced red teaming agent powered by LLMs, designed to automate offensive operations like reconnaissance, exploitation, and persistence even on low-resource systems.
It integrates open-source LLMs with tools like Nmap and Metasploit, and can be deployed from a USB stick, Raspberry Pi, or manually launched on compromised machines. Once deployed, Agent 47 autonomously scans the network, identifies vulnerable services using live CVE data, and launches appropriate exploits, acting as a smart “1-day exploiter.”
Post-exploitation, it analyzes system behavior and recommends paths for lateral movement, while maintaining persistence and encrypted communication with a remote operator. The session also touches on how this tech could be adapted for defensive use, such as self-healing or adaptive RASP.
Expect a hands-on look at what works, what breaks, and what it takes to make an LLM useful in a red team operation. This talk is ideal for offensive security pros, red teamers, and curious defenders.
Ali is a cybersecurity researcher with over a decade of experience in the field. He is currently the Application and Offensive Security Manager at Canon EMEA. Ali is a regular speaker or trainer at industry conferences and events such as BlueHat, Confidence Conf 2020, Hack In The Box 2023 AMS, DefCon 3x, IEEE AI-ML-Workshop-2021, SSD TyphoonCon 2x, c0c0n, BSides Toronto, Budapest, Calgary, Newcastle, Barcelona, OWASP Ottawa chapter, LeHack2022, NoNameCon, YASCon, COUNTERMEASURE Conference, DragonCon, COSAC 2022, Hacktivity, DefCon Holland, etc.
Moreover, he was a trainer at OWASP Summer of Security 2020 and 2021 July training and a reviewer for Springer Cluster Computing Journal/Elsevier and the 2021 Global AppSec U.S. event. Ali is a Microsoft MVP and has published a book, as well as several papers and blog posts.