You’re entitled to your opinion, but finding vulnerabilities goes far beyond simply doing static analysis. LLMs are able to find vulnerabilities that emerge from subtle interactions between different features, where things like keys and security credentials aren’t handled properly, and finding these by hand in a large codebase is nearly impossible.
The very process of finding these vulnerabilities gives you a path towards making an exploit. And the LLM can actually do this laborious process largely autonomously as well. It can probe a site for example, look at the results, and iterate on them. It’s an incredibly effective tool for both finding exploits and testing them out in the wild.
In fact, you can ask piefed devs about their recent security debacle that an LLM exposed and gave a step by step guide for exploiting.
And I gave you a concrete example of how LLMs both find and exploit these vulnerabilities. It’s quite evident that your disagreement stems from not having actually used these tools to find vulnerabilities.
deleted by creator
You’re entitled to your opinion, but finding vulnerabilities goes far beyond simply doing static analysis. LLMs are able to find vulnerabilities that emerge from subtle interactions between different features, where things like keys and security credentials aren’t handled properly, and finding these by hand in a large codebase is nearly impossible.
The very process of finding these vulnerabilities gives you a path towards making an exploit. And the LLM can actually do this laborious process largely autonomously as well. It can probe a site for example, look at the results, and iterate on them. It’s an incredibly effective tool for both finding exploits and testing them out in the wild.
In fact, you can ask piefed devs about their recent security debacle that an LLM exposed and gave a step by step guide for exploiting.
deleted by creator
And I gave you a concrete example of how LLMs both find and exploit these vulnerabilities. It’s quite evident that your disagreement stems from not having actually used these tools to find vulnerabilities.
deleted by creator
Yes, quite extensively in fact. That’s how I found a massive security hole in piefed that I mentioned earlier in fact.
deleted by creator
No, I’m a software developer.
deleted by creator