July 11, 2026
Trustworthy AI in Penetration Testing and Offensive Security
Disclaimer: This document is partner-advertisement material produced to promote the Scry APT AI security framework by Scry.pro. It…

By Ivan Vereshchaha
2 min read
Disclaimer: This document is partner-advertisement material produced to promote the Scry APT AI security framework by Scry.pro. It describes the product, the market problems it is built to solve, and how it works, for promotional and educational purposes.
The market challenge
Trust is the gate to AI adoption in security. Two failure modes block it today:
- Fabrication. Ask a model to pick what to attack and it draws from stale, sometimes-invented recall. A single fabricated CVE wastes analyst time and destroys the tool's credibility.
- Unsafe autonomy. A LLM agent that can generate and run exploit code with no guardrails is a liability — one prompt away from a reverse shell or a destructive command against a production system.
About Scry.pro
Scry.pro is a SaaS solution that provides a dockerised, multi-architecture security-automation framework — Scry APT AI. It unifies open-source tooling, purpose-built Go binaries and NVD-grounded AI exploit generation behind a single dispatcher. It is designed for teams that want automation they can trust: every CVE traces to an authoritative source, every finding is confirmed by a safe proof-of-concept, and every run produces an audit-ready report under a reproducible, multi-tenant layout.
The Scry APT AI principle: the model never chooses the target
Scry APT AI applies retrieval-augmented generation to offensive security. The facts come from a vendor-neutral, authoritative source; the model only generates. Concretely:
- CVE discovery is grounded in NVD, never the model. For each detected service, Scry APT AI resolves service, using internal prioritization algorithms choosing what to generate from the NVD REST API.
- A deterministic exploitability filter keeps only launchable CVEs: published 2024 or later, in the network / low-complexity / no-privilege / no-interaction class with confidentiality or integrity impact, ranked CISA-KEV-first.
- CVE detail also comes from NVD, never the model. Score, vector, severity, description, CWE, references and KEV status are pulled from NVD and persisted as JSON beside each generated exploit, giving every finding a verifiable provenance record.
- The model's only job is to write the proof-of-concept for a real, NVD-confirmed CVE — the narrow, well-grounded task where it adds value.
Safe by construction
Confirm-only behavior is enforced by the four-layer protection. The generator refuses to produce proofs that download-and-run payloads, open reverse shells, or run destructive commands; the launcher independently blocks any such pattern before execution. A CVE that is genuinely out-of-class produces an explicit inert stub, not an improvised exploit. The two layers are independent, so a lapse in one is caught by the other.
Grounded, not brittle: the fallback
Grounding does not mean fragility. When the strict filter legitimately empties out — for example a product whose only recent CVEs are denial-of-service, such as a current nginx — Scry APT AI does not fall back to guessing. It pulls the most recent CVEs for that product by CPE and then by keyword, newest and KEV-first, still entirely NVD-sourced and never model-invented, and clearly marks them as fallback findings.
Why it matters
The model-generation step runs through an OpenAI-compatible LiteLLM proxy, so the underlying model is configurable and can be upgraded as stronger models ship — without changing the grounding guarantees, which live outside the model.
Scope and honest limitations
Grounding eliminates fabricated CVEs and gives every finding a provenance trail; it does not guarantee that a generated proof-of-concept will exploit every target, because real environments differ. That is precisely why Scry APT AI launches and confirms rather than asserting — the database makes the claim trustworthy, and the confirmation step makes it true for your target