AI

New T3MP3ST Framework Turns AI Coding Agents Into Autonomous 0-Day Hunters

dark6 6 July 2026
New T3MP3ST Framework Turns AI Coding Agents Into Autonomous 0-Day Hunters
Read Time:3 Minute, 20 Second

A newly released open-source project called T3MP3ST is repurposing everyday AI coding agents — including Claude Code, OpenAI’s Codex, and Hermes — into autonomous red-teaming operators, without requiring a dedicated model, new API keys, or additional cloud infrastructure.

Built by independent researcher elder-plinius and released on GitHub, T3MP3ST is not a model in its own right. Instead, it functions as a multi-agent orchestration layer that sits on top of whatever coding agent a user already has running, coordinating multiple agent instances through a full reconnaissance-to-exploit-to-report workflow.

How the Framework Operates

Users point T3MP3ST at an authorized target through either a web-based dashboard, referred to as the “War Room,” or a command-line interface. From there, the coding agent already active on the operator’s machine becomes the reasoning engine driving the engagement, while T3MP3ST supplies the tooling, structure, and guardrails.

The project describes its approach as “keyless warfare” — it reuses an operator’s existing agent session rather than demanding separate provider credentials or billing arrangements. It also enforces egress-scope containment, meaning the networked tools bundled with the framework are designed to automatically refuse connections to hosts outside an authorized scope.

  • 35 bundled tools spanning reconnaissance, scanning, exploitation, and reporting
  • An 8-operator kill chain: Recon, Scanner, Exploiter, Infiltrator, Exfiltrator, Ghost, Coordinator, and Analyst
  • Mapping of each stage to MITRE ATT&CK tactics and the traditional Cyber Kill Chain
  • A “verify-claims” command that recomputes results against a committed flag oracle for reproducibility

Benchmark Claims

The developers report a 90.1% pass@1 score on XBOW’s 104-challenge XBEN benchmark suite, a black-box evaluation that XBOW itself self-reports scoring roughly 85% on. On Cybench, a 40-task academic benchmark used to evaluate autonomous exploitation capability, T3MP3ST’s single-agent ReAct loop reportedly solved 23 of 40 tasks without hints.

More notably, the team tested the framework against a held-out set of 10 real CVEs disclosed in 2026 across seven different programming languages. A single agent correctly pinned 8 of the 10 vulnerabilities down to the exact file, line, and CWE classification, while the broader tool pack surfaced information relevant to all 10. Because these vulnerabilities were disclosed after the underlying model’s training cutoff, the developers argue this rules out simple memorization, though they caution the sample size is small and the results are directional rather than conclusive.

What’s Actually Production-Ready

Not every part of the kill chain is equally mature. Only the reconnaissance engine and the single-agent exploitation loop are currently described as stable and benchmarked. Coordinated, swarm-style exploitation across multiple agents remains classified as experimental, since end-to-end validation at scale has not yet been demonstrated. Source-code-level white-box analysis is also experimental and currently limited to Python ingestion, while support for cloud environments, mobile targets, Active Directory, and binary reverse engineering remain on the roadmap.

Domain Maturity
Web applications (XBEN suite) Stable, benchmarked
CTF challenges (Cybench) Stable, benchmarked
Embedded / OT / robotics OSS Pipeline stable, coordinated disclosure
Source code (white-box) Experimental, Python-only
Smart contracts (DeFi) Experimental
Cloud, mobile, AD, binary RE Roadmap

Why It Matters

T3MP3ST arrives amid a broader industry shift toward AI-driven offensive security tooling, and researchers in communities such as Reddit’s blueteamsec have already flagged the release as significant for the future of autonomous red-teaming. The same properties that make it useful to defenders — low cost, no new infrastructure, and strong benchmark performance against fresh CVEs — also lower the barrier for less sophisticated actors to automate parts of the vulnerability discovery and exploitation process.

Security teams evaluating agentic red-teaming tools should treat T3MP3ST’s benchmark numbers as promising but early, verify claims independently using the project’s own reproducibility tooling, and pay close attention to scope-containment configuration before pointing any autonomous agent at production infrastructure.

Leave a Reply

💬 [[ unisciti alla discussione! ]]


Se vuoi commentare su New T3MP3ST Framework Turns AI Coding Agents Into Autonomous 0-Day Hunters, utilizza la discussione sul Forum.
Condividi esempi, IOCs o tecniche di detection efficaci nel nostro 👉 forum community