DEF CON 34 · DEMOLABS · Aug 2026
AI ONE BITES THE DAST
AOBTD

An LLM-powered pentester that reads the app like an operator.

Traditional DAST fires thousands of payloads blindly. AOBTD watches the target, understands each endpoint, and sends specialist agents after the bugs that actually matter — with a PoC to prove it.

The problem with DAST

A scanner that doesn't understand the app is just noise.

Traditional DAST

Fires payloads blindly

Thousands of requests, no concept of this is a login form or I already understood this page pattern. High cost, high noise, shallow coverage.

AOBTD

Reasons like an operator

Extracts every form, input and query-param with zero-LLM parsing, groups them by endpoint pattern, and hands the bundle to specialist agents that plan targeted probes — then proves each finding.

How it works

The pipeline, end to end.

Everything persists to a single SQLite store — the web UI reads the same DB, so any historical scan replays like a live one.

Capture
Headless browser
Rod / Chrome drives the target over HTTPS through a MITM proxy (goproxy) on :8089.
Extract
Structured parsing
HTML forms, JSON schemas and query-params pulled into endpoint bundles. zero LLM cost
Understand
Analyzer agent
Endpoint-by-endpoint, template-aware profiling: what is this page, what does each input do.
Reason
Specialist ensemble
Four domain reasoners — Auth, Injection, Access, Chain — each plan targeted probes.
Execute
Technique primitives
An executor runs 8 real primitives against the target and captures evidence.
Prove
Verifier → Findings
Black-box probes with real payloads confirm each bug, reported with request/response PoC.
The reasoner ensemble

AUTH

Login flows, weak credentials, JWT handling, session logic.

INJECTION

SQLi in login and generic params, reflection points, payload surfaces.

ACCESS

IDOR, BOLA, tenant crossing — objects you shouldn't be able to reach.

CHAIN

Multi-step exploits — authenticate, then pivot to an access bug.

weak_credentials sqli_login_bypass sqli_generic idor_sequential_id bola_tenant_crossing jwt_unsigned jwt_weak_secret chain_auth_then_access
Watch it run

A full scan, start to finding.

A medium target runs in ~6 minutes for about $0.90 in LLM spend with MiniMax-M2.7-highspeed.

Inside the tool

One UI. Live scans and history, side by side.

Live scan in progress
Live view
Browser frame on the left, agent narrations in the middle, discovered endpoints on the right — streamed as the scan reasons.
AOBTD home dashboard
Dashboard
Every scan browsable, plus drift-watch when a target regresses.
Scan overview
Overview
App type, functional areas, top-scoring endpoints, LLM spend.
Application mind map
Knowledge base
Every endpoint clustered, each with a plain-English description of what it does.
Endpoint AI analysis
Endpoint analysis
How it was found, what it's for, the issues spotted, the data exposed.
Highlights

Built to be driven, not babysat.

01

Bounty-style findings

Severity-sorted reports with request/response PoC, steps to reproduce, impact and remediation.

02

Walkthrough mode

Keyboard-navigable demo tour through confirmed findings. ← / → / Esc.

03

Zero-cost extractor

Form and input discovery runs without a single LLM call — and keeps running after the budget is spent.

04

LLM budget guard

Four levels — ok / warning / critical / exhausted. Reasoners back off; extraction never stops.

05

Any provider

Anthropic, OpenAI, or any OpenAI-compatible endpoint — MiniMax, DeepSeek, local Ollama.

06

Self-contained export

Markdown or HTML report in one file. Ctrl+P for a clean PDF.

4
Specialist agents
8
Technique primitives
~$0.90
Per medium target
~6 min
End-to-end scan
Pre-alpha · targeting DEF CON 34 DEMOLABS

Point it at a target you're allowed to test.

CLI and web UI share the same store — script a scan, browse it in the UI, or drive the whole thing from the dashboard.

For authorized security testing only. You are responsible for your scope.