CyberSecurityNews

T3MP3ST Security Framework With 35 Tools, Turns AI Coding Agents Into 0-Day Bug Hunters


A newly released open-source security framework called T3MP3ST is turning general-purpose AI coding agents like Claude Code, OpenAI’s Codex, and Hermes into autonomous red-teaming operators without requiring new API keys, cloud infrastructure, or additional billing.

Built by researcher elder-plinius, T3MP3ST acts as a multi-agent orchestration layer rather than shipping its own model, coordinating multiple agent instances through a reconnaissance-to-exploit-to-report kill chain.

Users point the framework at an authorized target through a web-based “War Room” interface or CLI, and the AI coding agent already running on their machine becomes the operational brain driving the mission.

The framework is described as “keyless warfare,” leveraging existing agent sessions instead of demanding separate provider keys, and it enforces egress-scope containment so networked tools automatically refuse to touch off-scope public hosts.

T3MP3ST Security Framework

T3MP3ST claims a 90.1% pass@1 score on XBOW’s 104-challenge XBEN suite, a black-box benchmark that XBOW itself self-reports at roughly 85%, with every solve graded against a committed flag oracle that a “verify-claims” command recomputes on demand for reproducibility. On Cybench, a 40-task academic benchmark, the framework’s single-agent ReAct loop hit 23/40 hint-free solves.

More notably, on a held-out set of 10 real CVEs disclosed in 2026 across seven programming languages, a single agent pinned 8 of 10 vulnerabilities to the exact file, line, and CWE classification, while the broader tool pack surfaced all 10 results the developers frame as directional given the small sample size but meaningful because the bugs postdate the model’s training cutoff, ruling out memorization

The framework’s design maps an 8-operator kill chain Recon, Scanner, Exploiter, Infiltrator, Exfiltrator, Ghost, Coordinator, and Analyst onto MITRE ATT&CK tactics and the Cyber Kill Chain, though only the recon engine and single-agent exploit loop are currently benchmarked and stable and can be cloned from GitHub.

Downstream operators run the same tool-backed reasoning loop as recon but remain classified as experimental, since end-to-end coordinated-swarm exploitation hasn’t yet been validated at scale.

DomainStatus
Web apps (XBEN suite)Stable, benchmarked
CTF challenges (Cybench)Stable, benchmarked
Embedded/OT/robotics OSSPipeline stable, coordinated disclosure
Source code (white-box)Experimental, Python-only ingest
Smart contracts (DeFi)Experimental, reproduction only
Cloud, mobile, AD, binary RERoadmap/in development

Security researchers on platforms like Reddit’s blueteamsec community have flagged the release as notable for autonomous red-teaming, tracking it alongside broader industry momentum toward AI-driven security tooling.

This follows related developments such as Anthropic’s Mythos model, which XBOW separately evaluated as substantially improving vulnerability-led generation and source-code security analysis, cutting false negatives by 42% in comparable exploit benchmarks.

The developers highlight that T3MP3ST is strictly for authorized testing, research, and education, released under the AGPL-3.0 license with no warranty. Unauthorized use against systems without explicit written permission remains illegal in most jurisdictions, and responsibility for staying within legal and rules-of-engagement boundaries rests entirely with the operator.

 Strengthen Your SOC by Accelerating Threat Detection & Rapid Investigations. -> Integrate ANY.RUN With Your SOC Now.



Source link