English
Related papers

Related papers: Hacking CTFs with Plain Agents

200 papers

Large Language Model (LLM) agents are increasingly proposed to automate offensive security tasks, with recent studies reporting near human-level success rates in Capture-the-Flag (CTF) challenges. We here revisit these results, providing a…

Cryptography and Security · Computer Science 2026-05-22 Youness Bouchari , Matteo Boffa , Marco Mellia , Idilio Drago , Thanh Minh Bui , Dario Rossi

Recent advances in LLM agentic systems have improved the automation of offensive security tasks, particularly for Capture the Flag (CTF) challenges. We systematically investigate the key factors that drive agent success and provide a…

We introduce the Cyber Defense Benchmark, a benchmark for measuring how well large language model (LLM) agents perform the core SOC analyst task of threat hunting: given a database of raw Windows event logs with no guided questions or…

Cryptography and Security · Computer Science 2026-04-24 Alankrit Chona , Igor Kozlov , Ambuj Kumar

Existing benchmarks for LLM-based offensive security agents use isolated, single-target setups with a known vulnerable service and fixed objective. They measure exploitation effectively, but miss how real Capture-the-Flag (CTF) participants…

As large language models (LLMs) continue to evolve, their potential use in automating cyberattacks becomes increasingly likely. With capabilities such as reconnaissance, exploitation, and command execution, LLMs could soon become integral…

Cryptography and Security · Computer Science 2024-10-22 Daniel Ayzenshteyn , Roy Weiss , Yisroel Mirsky

Large Language Model (LLM) agents are increasingly proposed for autonomous cybersecurity tasks, but their capabilities in realistic offensive settings remain poorly understood. We present DeepRed, an open-source benchmark for evaluating…

Artificial Intelligence · Computer Science 2026-05-07 Ali Al-Kaswan , Maksim Plotnikov , Maxim Hájek , Roland Vízner , Arie van Deursen , Maliheh Izadi

Large Language Models (LLMs) are being deployed across various domains today. However, their capacity to solve Capture the Flag (CTF) challenges in cybersecurity has not been thoroughly evaluated. To address this, we develop a novel method…

Capture The Flag (CTF) challenges are puzzles related to computer security scenarios. With the advent of large language models (LLMs), more and more CTF participants are using LLMs to understand and solve the challenges. However, so far no…

Cryptography and Security · Computer Science 2024-02-20 Minghao Shao , Boyuan Chen , Sofija Jancheska , Brendan Dolan-Gavitt , Siddharth Garg , Ramesh Karri , Muhammad Shafique

Large language models (LLMs) employ safety mechanisms to prevent harmful outputs, yet these defenses primarily rely on semantic pattern matching. We show that encoding harmful prompts as coherent mathematical problems -- using formalisms…

Cryptography and Security · Computer Science 2026-05-06 Haoyu Zhang , Mohammad Zandsalimy , Shanu Sushmita

We present 'Random-Crypto', a procedurally generated cryptographic Capture The Flag (CTF) dataset designed to unlock the potential of Reinforcement Learning (RL) for LLM-based agents in security-sensitive domains. Cryptographic reasoning…

Cryptography and Security · Computer Science 2025-08-19 Lajos Muzsai , David Imolai , András Lukács

Large Language Models (LLMs) have demonstrated potential in code generation, yet they struggle with the multi-step, stateful reasoning required for offensive cybersecurity operations. Existing research often relies on static benchmarks that…

Cryptography and Security · Computer Science 2026-03-25 James Hugglestone , Samuel Jacob Chacko , Dawson Stoller , Ryan Schmidt , Xiuwen Liu

Large language model (LLM) agents are increasingly capable of autonomously conducting cyberattacks, posing significant threats to existing applications. This growing risk highlights the urgent need for a real-world benchmark to evaluate the…

We introduce AutoAdvExBench, a benchmark to evaluate if large language models (LLMs) can autonomously exploit defenses to adversarial examples. Unlike existing security benchmarks that often serve as proxies for real-world tasks, bench…

Cryptography and Security · Computer Science 2025-03-04 Nicholas Carlini , Javier Rando , Edoardo Debenedetti , Milad Nasr , Florian Tramèr

The assessment of cybersecurity Capture-The-Flag (CTF) exercises involves participants finding text strings or ``flags'' by exploiting system vulnerabilities. Large Language Models (LLMs) are natural-language models trained on vast amounts…

Artificial Intelligence · Computer Science 2023-08-22 Wesley Tann , Yuancheng Liu , Jun Heng Sim , Choon Meng Seah , Ee-Chien Chang

Due to insufficient domain knowledge, LLM coding assistants often reference related solutions from the Internet to address programming problems. However, incorporating external information into LLMs' code generation process introduces new…

Software Engineering · Computer Science 2025-04-23 Binqi Zeng , Quan Zhang , Chijin Zhou , Gwihwan Go , Yu Jiang , Heyuan Shi

Traditional, centralized security tools often miss adaptive, multi-vector attacks. We present the Multi-Agent LLM Cyber Defense Framework (MALCDF), a practical setup where four large language model (LLM) agents-Detection, Intelligence,…

Cryptography and Security · Computer Science 2025-12-18 Arth Bhardwaj , Sia Godika , Yuvam Loonker

Large language models (LLMs) are increasingly deployed as autonomous agents in offensive cybersecurity. In this paper, we reveal an interesting phenomenon: different agents exhibit distinct attack patterns. Specifically, each agent exhibits…

Cryptography and Security · Computer Science 2026-05-11 Taein Lim , Seongyong Ju , Munhyeok Kim , Hyunjun Kim , Hoki Kim

Large Language Model (LLM) agents can automate cybersecurity tasks and can adapt to the evolving cybersecurity landscape without re-engineering. While LLM agents have demonstrated cybersecurity capabilities on Capture-The-Flag (CTF)…

Recent work has embodied LLMs as agents, allowing them to access tools, perform actions, and interact with external content (e.g., emails or websites). However, external content introduces the risk of indirect prompt injection (IPI)…

Computation and Language · Computer Science 2024-08-06 Qiusi Zhan , Zhixiang Liang , Zifan Ying , Daniel Kang

Large language models (LLMs) are increasingly deployed as educational agents for automatic short answer grading (ASAG) in real-world educational environments, significantly boosting assessment efficiency and scalability. However, when these…

Cryptography and Security · Computer Science 2026-05-25 Xueyi Li , Zhuoneng Zhou , Zitao Liu , Yongdong Wu
‹ Prev 1 2 3 10 Next ›