Skip to content
Sign In Subscribe
Agentic AIPenetration TestingArticle

Building Hackbots: Jason Haddix on Why AI Won't Replace Pentesters, But It Will Change How They Work

At CYBR.HAK.CON, Jason Haddix showed how AI-powered "hackbots" are helping offensive security teams scale reconnaissance, analyze complex applications, and uncover real vulnerabilities, while proving that human expertise remains the deciding factor.

 and  Bill Brenner
5 min read

For all the hype surrounding AI in cybersecurity, Jason Haddix has a simple message: stop treating it like magic.

During his CYBR.HAK.CON presentation, "Building Hackbots," the founder and CEO of Arcanum offered a practitioner's view of what AI can — and cannot — do for offensive security teams. Rather than promising push-button penetration testing, Haddix focused on using AI agents to automate repetitive work, accelerate analysis, and scale human expertise.

"The best hackbots are human-in-the-loop systems," Haddix explained throughout the session. "They're not replacing testers. They're helping testers work at a level that simply wasn't possible before."

More from CYBR.HAK.CON:

Highlights from CYBR.HAK.CON. 2026
Among the topics: Cognitive warfare and medical device mayhem.
CYBR.SEC.Media, and CYBR.SEC.Media
Trust in the Age of AI: Why Community May Be Our Last Line of Defense
AI may be making deception easier, but Dustin “Wirefall” Dykes argues that human connection -- not technology -- is the most effective defense against a future where reality itself becomes increasingly difficult to verify.
CYBR.SEC.MediaBill Brenner
CYBR.HAK.CON. 2026: The Ghosts Still Haunt the Machine - Lessons From The Therac-25 Affair
Sean Satterlee’s CYBR.HAK.CON. presentation used the deadly Therac-25 radiation overdoses to expose how modern connected medical devices still repeat many of the same dangerous cybersecurity and safety failures.
CYBR.SEC.MediaBill Brenner
CYBR.HAK.CON. 2026: A Brief Introduction to Cognitive Warfare
Stephen Cravey’s “A Brief Introduction to Cognitive Warfare” explores how modern influence operations exploit human psychology, identity, emotion, and social dynamics much like attackers exploit vulnerabilities in technical systems.
CYBR.SEC.MediaBill Brenner

What exactly is a hackbot?

Haddix defines hackbots as AI-powered agents built specifically for offensive security workflows. They combine large language models with tools, automation frameworks, and carefully engineered context to perform tasks such as reconnaissance, endpoint discovery, JavaScript analysis, API mapping, and vulnerability hunting.

The goal isn't autonomy for autonomy's sake. Instead, hackbots help experienced penetration testers, red teamers, and bug bounty hunters scale themselves across increasingly complex environments. Modern enterprise applications can contain thousands of endpoints and parameters. Haddix pointed to platforms like Salesforce, where testers may need to evaluate thousands of dynamic inputs across a sprawling application ecosystem.

Humans get tired. Hackbots don't. That doesn't mean the AI is doing the job alone.

"What AI gives us is scale," Haddix said. The technology can continuously enumerate assets, analyze code paths, map APIs, and execute methodology-driven tasks without losing focus. But it still requires human judgment to recognize subtle vulnerabilities, interpret findings, and redirect investigations when something interesting emerges.

Why AI agents are different from chatbots

One of the key themes of the presentation was the distinction between simple chatbot interactions and agentic AI systems.

Most security professionals have experimented with tools like ChatGPT or Claude. Agent frameworks take things much further.

Instead of a single conversation, an AI agent can orchestrate multiple specialized sub-agents, each responsible for a specific task. Those agents can access tools such as command-line utilities, web browsers, code interpreters, API clients, and custom security tooling. A coordinating "planner" agent then manages the overall workflow.

Haddix described this as moving from asking questions to assigning objectives.

His team uses frameworks such as Claude Code, Open Code, and Maestro to create agents capable of performing structured offensive security tasks. The real breakthrough, he argued, comes from breaking large testing methodologies into small, repeatable components that AI can reliably execute.

The rise of skills-based offensive AI

Central to Haddix's approach is the concept of "skills." Skills are essentially reusable playbooks encoded in natural language. Rather than requiring developers to build complex Python applications, modern agent frameworks allow security professionals to describe a methodology in a structured markdown file.

Haddix's team has built more than 200 offensive-security-focused skills covering everything from JavaScript analysis and content discovery to cross-site scripting, SSRF, API assessment, and access control testing.

Each skill captures years of accumulated knowledge, research, and methodology.

The result is an AI system that doesn't simply generate answers. It follows a repeatable process that reflects how experienced penetration testers actually work.

The secret ingredient: context engineering

If there was one lesson Haddix emphasized repeatedly, it was that successful hackbots are built through context engineering.

AI models are notoriously lazy. Left alone, they will often take shortcuts, skip steps, or prematurely conclude that a task is complete. To overcome this tendency, Haddix's team uses validation loops, review agents, multiple AI models, and structured checkpoints that force agents to verify their own work.

In some cases, Claude performs the analysis while Gemini acts as a skeptical reviewer that critiques the results and demands additional investigation.

The approach dramatically improves reliability while reducing hallucinations and missed findings.

Real-world results

The most compelling part of the session came from Haddix's real-world examples.

He described a bug bounty engagement where an AI-assisted investigation helped uncover an unauthenticated administrative password reset function that ultimately exposed sensitive prison telecommunications records.

In another case, a hackbot helped identify a misconfigured identity-provider integration that allowed access to a marketing analytics platform without authentication.

A third example involved using AI agents to map APIs, identify an SSRF opportunity, and pivot into a Kubernetes environment through an exposed management interface.

In every scenario, the breakthrough came from collaboration between human intuition and machine-assisted analysis.

The AI surfaced patterns, relationships, and opportunities. The tester recognized their significance.

That's why Haddix remains skeptical of claims that AI will soon replace offensive security professionals.

The future, he argued, belongs to practitioners who learn how to build and direct these systems effectively.

The hackbots aren't replacing the hacker. They're becoming part of the team.

Subscribe to the CYBR.SEC.Media newsletter

Related

Latest

In Appreciation: Dr. Eric Cole
Remembrance

In Appreciation: Dr. Eric Cole

Dr. Eric Cole's cybersecurity accomplishments are legendary, but his willingness to speak openly about burnout is something that particularly resonated with me, as it is something many of us struggle to avoid.

 and  Bill Brenner
He Wasn't a Hacker. But He Was One of Us.
Mental Health

He Wasn't a Hacker. But He Was One of Us.

Thirty years after Sean Marley died, I realize that my focus on mental health in cybersecurity started with him. This is a belated thank you to him for helping me strive for something better. He wasn't a hacker. But he sure as hell was one of us.

 and  Bill Brenner