I like to do capture-the-flags in my spare time.

I'm not a pen-tester by any means but I like to keep abreast of the tools being used on the red-team side, ttps, all that jazz.

Plus, it's a lot of fun 😊

MYTHOS has been pretty much dominating the news cycle lately. AI in general has been a hot topic--a game changer, disruptor, whatever buzzword you choose-- in the cybersecurity space.

Warranted? I don't know. I'm still in research mode.

I decided to test out things myself & include claude in my ctf workflow. One caveat, I know CTFs aren't real life scenarios so just keep that in mind.

I ran it against 2 CTFs I had already completed and asked it to do pentest reports for each.

Results were great. Claude moved pretty quickly -- recon/scan/Enum/exploit and it had the flags.

Again, CTFs are not real life and these aren't zero days it's finding and exploiting.

But it was still interesting.

Reports are here, if you want to give them a read