July 14, 2026
Everyone building “AI pentesters” is focused on the wrong thing.
It’s not the model. It’s the plumbing.

By Arslan Mazhar
1 min read
I watched a talk this week on building an AI pentesting platform and the best part had nothing to do with prompts or exploits.
The team didn't ask how do we make the model better at hacking? They asked: what does a team of pentesters actually need to do their job? That question led them to build the boring stuff accounts, 2FA, inboxes, VPNs, containers, payload hosting, shared state, coordination between agents. The things humans handle without thinking but agents get wrong all the time.
Put three agents on one account and watch one change the password, another get rate-limited and a third kill the session everyone else was using.
The smartest choice they made: put guardrails in code not in prompts. All traffic ran through a proxy that checked scope automatically. Targets you can reach are not the same as targets you're allowed to attack. That's a real boundary. A prompt telling the model "don't do that" is not.
The lesson for anyone in offensive security: Building an AI pentester is not a model problem. It's an ops problem. The real edge isn't the LLM it's the setup around it the scope rules and the tradecraft you turn into reusable skills.
Your knowledge as an operator is the product. The model just runs it.
Please feel free to connect with me on LinkedIn by visiting my profile at https://www.linkedin.com/in/arslan-mazhar-7b37b7225/ I regularly share valuable insights and updates about cyber learning and professional development in the cybersecurity field.