BSides Knoxville 2026

Traditional offensive security is often a battle against the friction of manual reconnaissance, repetitive infrastructure setup, and the tedious translation of tool outputs into actionable reports. As Large Language Models evolve from static chat interfaces into autonomous agents, the role of the security professional is shifting from Manual Operator to Systems Architect.

This session approaches offensive security through the lens of a deckbuilding card game. We will walk through a "Setup" phase for selecting the right agentic infrastructure, an "Action" phase involving C2 infrastructure and application security use cases, and a "Cleanup" phase using practical, human-in-the-loop workflows to finalize deliverables.

- Combos and setup: Automatically provisioning multi-cloud redirectors across Cloudflare, AWS, and Azure while maintaining origin secrecy.
- Know your tools: Chaining playwright-mcp with automated script generation to transform a browser-based discovery into a persistent exploit.
- Manage your mana: Strategies for maintaining a low-cost operation by "compiling" agentic reasoning into local CLI tools and offloading repetitive tasks to local models like Ollama.

Attendees will leave with a blueprint for building their own "Security Deck," enabling them to automate the grind, preserve high-level strategy, and execute complex engagements at machine speed without losing the critical oversight of the human operator.