I recently sat back as a team of AI agents spent 10 minutes attempting to hack into my newly created website—a simple tool I'd built with Claude Code to sift through AI research papers. This wasn't a sci-fi scenario but a live demo from cybersecurity startup RunSybil, showcasing how artificial intelligence is transforming penetration testing from a manual, periodic chore into an automated, relentless force.


RunSybil's system, led by an orchestrator agent called Sybil, coordinates specialized AI agents powered by custom language models and off-the-shelf APIs. Unlike conventional vulnerability scanners that hunt for predefined flaws, Sybil reasons at a higher level. It might deduce that a guest user has hidden privileged access—a subtle weakness often missed by traditional tools—and chain insights into a multi-step attack. As Ariel Herbert-Voss, RunSybil's CEO and cofounder (and OpenAI's first security researcher), explained: "I would argue that we're definitely on the cusp of a technology explosion in terms of capabilities that both bad and good actors can take advantage of. Our mission is to build the next generation of offensive security testing to help everybody keep up."

My website, dubbed "Arxiv Slurper," scans AI paper abstracts for keywords like "novel" or "surprising" to flag cutting-edge research. Thankfully, its simplicity spared it from breaches, but the exercise highlighted a critical gap in modern development. Vibe-coded projects—rapidly assembled with AI helpers—often lack rigorous security vetting. Herbert-Voss noted that vulnerabilities typically emerge in complex features like forms or cryptographic functions, not bare-bones sites like mine.

To demonstrate Sybil's prowess, we shifted to a dummy e-commerce site riddled with known flaws. There, the agents mapped the application, manipulated parameters, tested edge cases, and escalated privileges in a coordinated assault. "The result is something that behaves like a seasoned attacker but operates with machine precision and scale," Herbert-Voss said. Sybil executed thousands of parallel processes, uncovering exploitable weaknesses that human testers might overlook due to fatigue or oversight.

This approach isn't just innovative—it's becoming essential. Lujo Bauer, a Carnegie Mellon University computer security expert, coauthored a study revealing that while top commercial AI models can't yet execute network attacks, they excel at high-level penetration testing when guided by objectives like network scanning. Bauer warned: "We have to assume that attackers are already using AI to their benefit. Developing pen-testing tools that use it is both responsible and likely necessary to balance the increasing risk."

Sarah Guo, founder of investment firm Conviction (a RunSybil backer), emphasized the dual advantage: making enterprise-grade security assessments affordable and continuous. "They can do baseline penetration testing with models and tool use continuously," she said. "So you'll always have a view of what it really looks like to be under attack." Herbert-Voss's background amplifies this mission—he previously built polymorphic malware and phishing tools at OpenAI, driven by concerns over bad actors wielding language models.

As AI democratizes hacking, RunSybil's technology represents a crucial countermeasure. It turns the attackers' emerging arsenal into a defensive strength, ensuring that as the digital battlefield evolves, developers and security teams aren't left scrambling to catch up. The era of AI-driven security isn't coming; it's already probing at our firewalls, demanding we rethink defense at machine speed.

Source: Adapted from Will Knight's AI Lab newsletter in Wired.