Incalmo: An Autonomous LLM-assisted System for Red Teaming Multi-Host Networks
B. Singer, K. Lucas, L. Adiga, M. Jain, L. Bauer, and V. Sekar. IEEE S&P '26. [BibTeX]Get details or download paper
Not peer-reviewed; published on Anthropic’s Frontier Red Team blog, where we post our work measuring, projecting, and improving frontier LLM capabilities.

How well frontier models can develop exploits for publicly disclosed but unpatched vulnerabilities.

Benchmarks (ExploitBench, ExploitGym, SCONE-bench) for measuring how well frontier models build end-to-end software and smart-contract exploits.

Evaluating a frontier model's ability to autonomously discover and exploit zero-day and N-day vulnerabilities across operating systems, browsers, and libraries.

A collaboration with Mozilla in which Claude Opus 4.6 found 22 vulnerabilities in Firefox.
A technical deep dive into an exploit Claude developed for a Firefox vulnerability.
Claude succeeds at multistage network attacks using only standard tools.
Evaluating Claude's performance in CTF competitions (the subject of my DEF CON talk).
A collaboration with Brian Singer on measuring LLMs' network attack capabilities (related to the Incalmo paper below).