Trending

Penetration testing absolutely requires human oversight. Cybersecurity professionals overwhelmingly agree that automated tools—especially those powered by AI—are only as effective as the experts guiding them.

In high-risk or sensitive environments, relying on fully autonomous AI for penetration testing may also introduce risk to human life. That said, understanding the current state-of-the-art in AI-powered security tooling is essential for staying on the cutting edge of security testing. Below, we've curated a list of research projects and open-source tools that showcase how artificial intelligence (AI) is reshaping cybersecurity operations in 2025.

AI-Enabled Cybersecurity Concepts and Tools in 2025

In recent years, the cybersecurity landscape has evolved with the integration of AI into hacking tools. This has led to the development of sophisticated tools that enhance both offensive and defensive cybersecurity operations. Here are some of the newest and most popular AI-powered hacking tools as of 2025:​

AI-Powered Penetration Testing Tools

AI-powered penetration testing tools can streamline the penetration testing process, but they are not yet reliable enough to replace human testers in high-risk environments. Still, examining the latest advancements offers valuable insights into how AI can augment professional workflows and improve testing efficiency. Here are some entries worth noting:

• PenTest++: An AI-augmented system that integrates security testing automation with generative AI to build ethical hacking workflows. PenTest++ automates tasks such as reconnaissance, scanning, network enumeration, and even exploitation and documentation. Enhancing efficiency and scalability in penetration testing. ​The system was disclosed as a research paper which acknowledges the risks that AI hallucinations pose to performing trustworthy security audits. Pentest++ paper is only a research prototype, with no open-source software or commercial tool available.

• CIPHER (Cybersecurity Intelligent Penetration-testing Helper for Ethical Researchers): Trained on extensive penetration testing data, CIPHER assists in penetration testing tasks by providing accurate suggestions and guidance, making it particularly beneficial for beginners in the field. CIPHER is available as a research paper, and as an open-source repository containing a working LLM application. CIPHER is designed to benefit beginner penetration testers by providing expert-guided reasoning and hands-on support, helping them develop real-world hacking intuition based on seasoned expert writeups.

• CAI (Cybersecurity AI): AI-driven framework for security testing and bug bounty automation that uses specialized AI agents.​ CAI placed first for AI teams and an overall top-20 position in the "AI vs Human" CTF live challenge. CAI is available as a research paper and an open-source repository. CIA includes  Red Team and Blue Team agents and a Bug Bounty agent with specially proposed modules for network enumeration, asset discovery, vulnerability assessment, service exploitation, privilege escalation, responsible disclosure, and more.

• Ai-exploits:  A curated collection of real-world exploits, scanning templates, and payloads designed to test the security of AI systems. AI exploits helps red teams and security researchers evaluate Large Language Models (LLMs), AI-integrated applications, and Machine Learning (ML) pipelines against known weaknesses.

AI-Powered Threat Detection

AI-powered threat detection tools are designed to secure both traditional IT assets and the machine learning models themselves, defending against adversarial manipulation, model inversion, and other AI-specific risks.

• PyRIT: PyRIT focuses on cracking wifi passwords using AI-driven password cracking (brute-force and dictionary attacks). PyRIT can test network security and also identify risks in generative AI solutions. If you’re worried about your model generating harmful content, PyRIT can help identify potential issues at the testing stage of development.

• Adversarial Robustness Toolbox (ART): Developed by IBM, ART is a comprehensive Python library designed to evaluate and enhance the robustness of ML models against attack. It supports a wide range of attack techniques such as evasion, data poisoning, extraction, and inference and defense methods across multiple ML frameworks, making it a robust toolkit for AI model hardening. ART supports all popular machine learning frameworks including TensorFlow, Keras, PyTorch, MXNet, scikit-learn, XGBoost, LightGBM, CatBoost, GPy, and more.

• AIJack: AIJack is an open-source simulator for modeling security and privacy threats targeting ML systems. It provides a unified API to replicate a variety of attack scenarios including membership inference, data poisoning, and evasion attacks, as well as mitigation strategies, helping developers test and secure models before deployment. AIJack is available as a research paper, and an open-source software repository.

• ThreatKG: ThreatKG is an automated framework that continuously collects and processes open-source cyber threat intelligence to build a structured threat knowledge graph. Using natural language processing and ML, it extracts entities, indicators, and relationships from unstructured sources to improve threat detection and situational awareness. ThreatKG is available as a research paper and as a dataset of cyber threat reports.

• Garak: Garak is an automated Red Teaming tool designed to test the safety of LLMs. It evaluates model responses against various prompt injections, jailbreaks, and policy violations to identify weaknesses. Garak supports customizable attack plugins and integrates with CI pipelines, making it ideal for ongoing LLM risk assessments.

The Detriments of Generative AI Cybersecurity

Despite the capabilities of GenAI, human expertise remains a critical component of the pentesting process. Security professionals must evaluate the AI-generated results, validate the identified vulnerabilities, and make informed decisions about the necessary countermeasures. Over-reliance on AI without human intervention may lead to overlooked vulnerabilities or other security issues.

In the infamous Capital One 2019 breach, the automated Intrusion Monitoring/Detection system in place did not raise the necessary alarms allowing the intruder to maintain presence in their network for more than 4 months and exfiltrate a substantial amount of data. This incident highlights the critical role of human oversight in the pentesting process as even the most advanced automated tools require expert configuration and validation. Novel attacks and vulnerabilities can also be overlooked since GenAI models are usually trained on known attack patterns and techniques. It might be able to detect and identify a threat but fail to recognise the complexity of the attack. Companies might consider AI to be sufficient but the expertise of a security professional is still crucial in interpreting results and determining its appropriateness in the specific context.

This is particularly crucial when it comes to AI-generated false negatives and positives. GenAI models, like any other technology, are not infallible. They may generate false positives, identifying vulnerabilities that do not pose a real threat, or false negatives, overlooking actual vulnerabilities. Security professionals must be vigilant in reviewing the AI-generated results and address any discrepancies to ensure a comprehensive and accurate assessment of the target environment.

Packetlabs: 100% Tester-Driven Penetration Testing

At Packetlabs, we identify risks before they become headlines. Packetlabs is a SOC 2 Type II accredited cybersecurity firm specializing in penetration testing services. To strengthen your security posture, we offer solutions such as penetration testing, adversary simulation, application security, and other security assessments.

On top of employing only OSCP-minimum certified ethical hackers, the Packetlabs difference boils down to our 100% tester-driven penetration testing. Instead of outsourcing our work or relying on automated VA scans, we guarantee zero false positives via our in-depth approach and passion for innovation: our security testing methodology is derived from the SANS Pentest Methodology, the MITRE ATT&CK framework for enterprises, and NIST SP800-115 to ensure compliance with the majority of common regulatory requirements. Our comprehensive methodology has been broken up based on which areas can be tested with automation and those which require extensive manual testing.

Conclusion

AI is transforming cybersecurity, but expert oversight remains essential. This article highlights five cutting-edge AI-enabled tools from 2025 that support penetration testing, threat detection, and model evaluation... and why, when it comes to security solutions, nothing outperforms manual testing.