Orchestrating Security Actions

This is Part 2 in a two-part series. Read Part 1: Bridging the Cognitive Gap. Introduction: LLMs don’t reason. They don’t intuit. They don’t understand risk or strategy. But they are changing how work gets done — fast. From summarizing alerts and drafting recon reports to reverse engineering malware with tools like GhidraMCP, these agents are delivering value in surprising places. Connected Workflows: Beyond Single-Tool Interaction. The most promising developments come from connecting these tools into seamless workflows. Projects like NERVE demonstrate the power of LLM-coordinated security tools, where a natural language request triggers multiple tools in sequence without requiring manual intervention at each step. ...

May 2, 2025 · 4 min · nickpending

The Indispensable Human-in-the-Middle

In the rapidly evolving landscape of AI-driven cybersecurity, an interesting truth emerges: as automation capabilities increase, the value of human judgment becomes not diminished but amplified. This third installment of our series explores why the “human-in-the-loop” approach remains indispensable despite remarkable advances in AI technologies. The Fundamental Limitations of Current Agentic AI Systems: The current generation of AI-driven security tools, particularly agentic systems that attempt to autonomously plan and execute tasks, faces significant challenges in security contexts where precision and reliability are non-negotiable. ...

April 15, 2025 · 7 min · nickpending

MCP-Censys: Claude and MCP Meets Censys

A Practical Interlude in My Cybersecurity AI Series: I’m excited to share my new Censys MCP tools module that demonstrates how AI capabilities can enhance security workflows when guided by domain expertise. My previous articles here and here explored how the integration of human insight and AI will shape security’s future, introducing the hacker-strategist archetype and examining prompt engineering’s strategic dimensions. Today, I’m offering a practical example connecting those concepts through a project that brings natural language interfaces to OSINT workflows. ...

April 8, 2025 · 4 min · nickpending

censyspy: FQDN Discovery via Censys

Built a tool called censyspy that simplifies FQDN discovery via Censys. While you can absolutely do all of this with the Censys CLI and their query syntax (which isn’t particularly complex), this wrapper makes it a bit more straightforward if you’re specifically hunting for FQDNs. Since Censys has such a massive certificate dataset, queries can take a few minutes to complete - the tool defaults to a 5-minute timeout which should be enough for most cases. ...

October 31, 2024 · 4 min · nickpending