1 Threat-modeling agentic pipelines

Every generation of security testers has faced a gap in automation. Scripts made us faster, and frameworks made us organized, but none of these systems and tools could think and act autonomously. Then, large language models arrived. Overnight, testers gained access to AI agents: reasoning engines that could prioritize scans, rewrite payloads, and summarize results in real-time. Yet, without structured systems in place, these AI agents can become chaotic and often spit out ideas without accountability or reproducibility. This book is written for offensive security practitioners: people whose job is to think like disclosure programs, red teamers hired to simulate adversary behavior, penetration testers conducting authorized assessments, and security researchers studying how systems fail so they can be made stronger.

1.1 Offensive Security

1.1.1 Traditional offensive security workflows

1.1.2 Best practices for offensive security

1.1.3 Why Tools Alone Are No Longer Enough

1.2 Large language models (LLMs) as security tools

1.2.1 Intelligence as a Component

1.3 Introducing AI Agents: Reasoning That Acts

1.3.1 What Is An AI Agent?

1.3.2 Why agents matter in offensive security

1.3.3 Agentic Offensive-Security Workflow

1.4 Pipelines: Information Routing Systems

1.4.1 Pipelines as the Organizing Principle

1.4.2 From Autonomy to Architecture

1.4.3 Why pipelines matter

1.5 Artifacts provide precise decision-making in offensive security

1.5.1 Artifacts as the Unit of Movement

1.5.2 Where Intelligence Enters the System

1.6 Why This Matters to You

1.6.1 Penetration Testers and Red Teams

1.6.2 Purple Teams and Detection Engineers

1.6.3 Blue Teams and SOC Analysts

1.7 Summary