We fine-tuned an 8B model to pop a GOAD domain…using only synthetic training data. No real networks. No frontier model distillation. Just a world model that simulates AD environments and generates realistic pentesting trajectories. See how we did it: dreadnode.io/blog/worlds-...

Find @machinavelli.com and @velvethamm3r.bsky.social this weekend at #DistrictCon! DM us to link up, or catch Martin's talk on Sunday.

MLOps 🤝 AIRT Building on MLOps principles is the way forward for AI red teaming. To showcase the impact of this process, we deployed automated adversarial attacks (TAP, GOAT, Crescendo) against Llama Maverick-17B-128E-Instruct. Dig into the case study results here: dreadnode.io/blog/186-jai...

"Offense and defense aren't peers. Defense is offense's child." - John Lambert We built an LLM-powered AMSI provider and paired it against a red team agent. Then, we wrote a blog about it: dreadnode.io/blog/llm-pow...

✍ The White House just launched the Genesis Mission, a bold bet on AI-enabled science. But there's a layer we can't afford to treat as an afterthought: cybersecurity. (1/4) dreadnode.io/blog/from-co...

AI as an Amplifier for Human Tradecraft: how scale can meet sharper intelligence. What’s New: In their #LABScon 2025 talk, @dreadnode.bsky.social's Brad Palm and @machinavelli.com show how agentic AI can explore every analytical pathway — at speed and scale.

🧵 Tonight at midnight, CISA 2015 and SLCGP expire as Congress debates another shutdown. We're witnessing a cyber identity crisis: threats don't discriminate between civilian and military sectors, but our defenses remain fragmented. What needs to happen immediately: 🧵(1/4)

Tonight at midnight, two critical pieces of cybersecurity legislation are due to expire: the CISA 2015 and the SLCGP. Read @velvethamm3r.bsky.social's take on why reauthorizing these programs will help CISA transform into a integrated defensive command: dreadnode.io/blog/from-co...

Dreadnode is a proud sponsor of @sentinelone.com's #labscon25! Heading to Scottsdale this week? Catch @machinavelli.com and Brad Palm's talk, Auto-Poking the Bear—Analytical Tradecraft in the AI Age, on Thursday at 2pm MT. Or, shoot us a DM to find time to meet up onsite!

!!!

Incoming: Dreadnode paper drop from Shane Caldwell and the crew. PentestJudge—Judging Agent Behavior Against Operational Requirements: arxiv.org/abs/2508.02921 Explore how we built an LLM-as-judge system for evaluating the operations of pentesting agents (inspired by PaperBench).

✍ After talking AI Action Plan on @cyberscoop.bsky.social, wrote up @dreadnode.bsky.social thoughts on implementation ➡️ dreadnode.io/blog/five-ta... ‼️ While we debate frameworks, adversaries build AI attack capabilities. We need: evaluation ecosystems, red teaming, and procurement standards.

In our latest blog, Shane Caldwell breaks down the process of creating a fully integrated, self-verifying agentic system that can do modern Windows Active Directory red team operations, without human interaction. Read it here: dreadnode.io/blog/evals-t...

Rise and shine! We're going live on Off By One with Stephen Sims this afternoon—meet us here at 11 AM PT: www.youtube.com/live/BzOmGw-...

In this edition of our From Compute to Congress policy blog series, Dreadnode Head of Policy Daria Bahrami explores how the TEST AI Act and red teaming standards can establish U.S. leadership in AI security: dreadnode.io/blog/from-co...

Read @rad-ads.bsky.social's breakdown of Claude's attack sequence against the notoriously hard-to-solve "turtle" challenge: dreadnode.io/blog/ai-red-...

Introducing AIRTBench, an AI red teaming benchmark for evaluating language models’ ability to autonomously discover and exploit AI/ML security vulnerabilities. Read the paper on arXiv: arxiv.org/abs/2506.14682 Open-source dataset and benchmark eval code repo: github.com/dreadnode/AI...

Check out @machinavelli.com's "Build with AI" Rigging workshop from @pivotcon.bsky.social: github.com/vmsv/pivot20...

v3 of Rigging is out now. If you’re working with LLMs to build agents or run evaluations, check it out. We just added: - Prompt caching for supported providers - A unified tool system for function calling and fallbacks to xml/json parsing - Native MCP integration docs.dreadnode.io/open-source/...

Introducing our new blog series: "From Compute to Congress: Decoding AI Policy" by Dreadnode Head of Policy Daria Bahrami | Read the first post here: dreadnode.io/blog/from-co...

Are manual or automated attacks more effective when attacking LLMs? We found that automated approaches achieve significantly higher success rates (69.5%) compared to manual techniques (47.6%). More insights on LLM attack execution methods here 👉 dreadnode.io/blog/the-aut...

Strikes waitlist. Now open. platform.dreadnode.io/waitlist/str... [must have a Dreadnode account]

What's your take on the growing dominance of automated attacks and the implications for AI red teams? Here's ours— based on our analysis of 30 LLM challenges, attempted by 1,674 unique Crucible users, across 214,271 attack attempts: arxiv.org/abs/2504.19855

@moohax.bsky.social joins @gregotto.bsky.social on CyberScoop's Safe Mode podcast! Tune in at the 10-minute mark for a discussion on how AI fits into the offensive security narrative and what it means for tooling and defenses: www.youtube.com/watch?v=ZReR...

Headed to RSA? Come meet the Dreadnode crew! Whether you're looking for a private deep dive into our tech or want to hang out and talk offensive AI research, we'd love to connect. Limited availability; Come and get it: calendly.com/tori-dreadno... #BayArea #SanFrancisco #RSAC2025 #OffensiveAI

Hey, we know that guy! Catch Dreadnode's @radads.bsky.social on NASDAQ #TradeTalks alongside @bugcrowd.com CEO @davegerryjr.bsky.social and NFL CISO @tomasmald.bsky.social. Tune in for a candid conversation on the intersection of AI and cybersecurity: www.nasdaq.com/videos/ever-...

Will be talking about @dreadnode.bsky.social‘s great open-source rigging repo and how to build your own LLM workflows! Super excited!

🌭🔪⚾️🦥🔥🔄🤨🛜 8 new Challenges now live in Crucible: platform.dreadnode.io/crucible These Challenges might look familiar… they first appeared at DEFCON 30 and were recently refactored for Crucible—enjoy! [Filter>Subject>DEFCON-30]

New blog: Dreadnode’s Policy Recommendations for the U.S. AI Action Plan. Our response focuses on two critical strategies: 1️⃣ Leveraging AI to protect America 2️⃣ Attacking AI to find its limits Read our complete response on the Dreadnode blog: dreadnode.io/blog/policy-...

We're LIVE: www.linkedin.com/events/lives...

Shoutout to these three Crucible users, who were first to solve this week's new Phantom Cheque Challenge. 👏👏👏 1. conor-99 2. Bilal 3. ken Cheque it out: platform.dreadnode.io/crucible/pha...

Cheque, check, one-two. We have a new Crucible Challenge for you: Phantom Cheque! Can you evade the cheque scanner and determine the areas of JagaLLM that need to be improved? Act fast; first three to solve this model extraction Challenge announced Friday: platform.dreadnode.io/crucible/pha...

can’t recommend @dreadnode.bsky.social enough - learning a lot going through the challenges and docs

In this week's new Crucible Challenge, find the hidden phrase in the backdoored model using dyana, an open source tool created by Dreadnode's Ads Dawson. Can you outwit the llamas? platform.dreadnode.io/crucible/dya...

Big news from our crew today! We announced our $14M Series A funding led by Decibel with participation from Next Frontier Capital, In-Q-Tel (IQT), Sands Capital, and Indie VC and released two new solutions: Strikes and Spyglass. Read the announcement: dreadnode.io/blog/series-...

Raiders of the Lost AI: Attempt our new Crucible Challenge, Palimpsest! Decode the hidden message in the scroll, find the flag. First three to solve will be announced Friday, right here. Get started: crucible.dreadnode.io/challenges/p...

Kudos to these individuals for killing this week’s Crucible Challenge. First three to solve Popcorn: 1️⃣ conor-99 2️⃣ garr 3️⃣ mejokim Have you attempted Popcorn yet? Enter Crucible: crucible.dreadnode.io/challenges/p...

@datasociety.bsky.social and the AI Risk and Vulnerability Alliance just released “Red Teaming in the Public Interest,” a report examining how red teaming methods are being adapted to evaluate genAI. Read the report, featuring commentary from @moohax.bsky.social: datasociety.net/library/red-...

Boo! 👻 In our new Crucible Challenge, Popcorn, an LLM firewall is blocking access to a protected SQL table. Can you unmask the secret info? First-to-solve announced Friday. Get started: crucible.dreadnode.io/challenges/p...

Another week, another new Crucible Challenge. Shoutout to these three for being the first to solve our reasoning model Challenge, DeepTweak! Get your tweak on: crucible.dreadnode.io/challenges/d...

New to Rigging: 🔥 Tracing 🛠️ API Tools 💻 HTTP Generator 🐍 Prompts as Tools → github.com/dreadnode/ri...

NEW Crucible Challenge: DeepTweak, an exploration of reasoning model behavior. Cause enough confusion 😵‍💫, retrieve the flag. Think fast; The first three users to solve DeepTweak will be announced Friday! ➡️ https://crucible.dreadnode.io/challenges/deeptweak?utm_source=social&utm_medium=social&u…

Congrats to these hosers for being the first three to solve the canadianeh challenge in Crucible! Tune in Tuesday for the next drop 👀 ICYMI, give canadianeh a try: crucible.dreadnode.io/challenges/c...

Don't be a hozer eh. It's aboot time you started taking model security seriously. Head to Crucible to attempt our new Challenge, canadianeh. Can you be the first to solve it? Check back here Friday. Happy hacking: https://buff.ly/4gn4hHP

Where in the world is Dreadnode? Catch our founders @moohax.bsky.social and Nick Landers at these upcoming AI security events: 💻 NEBULA:FOG:PRIME Hackathon (Saturday, January 25) 🇫🇷 Paris AI Security Forum 2025 (Sunday, February 9) Shoot us a DM to link up!

NEW open source tool from Dreadnode's Simone Margaritelli and @radads.bsky.social: dyana, an eBFP sandbox environment designed to load, run, and profile a wide range of files and provide dynamic testing for AI models. You know the drill - try it out: github.com/dreadnode/dy...

Who's going to #shmoocon this weekend?

Fantastic walkthrough of the "What's the flag #6" challenge from @blaisebits.bsky.social 👇

Check out v0.4.0 of robopages! 🤖  New updates from Simone Margaritelli (@evilsocket) include: Support for executing commands on another host via SSH, easier integration into CI workflows, support for shared environment variables, and integrations with 13 new tools. —> https://buff.ly/3VDDGPd

For all the Burp fans Add some robot smarts to your web app testing - Define scope of analysis - Run requests/responses through your LLM of choice - View labeled findings and vulns As always, the Dreadnode team would love feedback!