A senior penetration tester I know used to spend three hours on the recon phase of an assessment: running Amass, processing the subdomain list, checking Shodan for the scope's IP ranges, correlating the results, identifying the five or six most interesting targets before starting active testing. Now it takes forty minutes. The data collection phase takes the same time. The analysis and prioritisation — what used to take two hours — is thirty minutes of structured AI prompting and verification…
No comments:
Post a Comment