AI in Penetration Testing

AI-Assisted Red Teaming – What It Actually Feels Like in Practice

The first time I tried using AI during an engagement, it didn’t feel like a breakthrough.

It just felt… slightly faster.

That was it.

No magic. No “auto-pwn”. Just less time staring at output, trying to figure out if I was missing something obvious.

And I think that’s where a lot of people misunderstand what AI actually does in red teaming. The expectation is that it will do the work. In reality, it just changes how you look at the work.


It Still Starts the Same Way

Nothing really changes at the beginning.

You land on a machine. Low-privileged user. Domain-joined. No special access.

You start enumerating. Basic stuff. Pull some domain information, maybe list users and groups, look for SPNs. At this stage, it feels exactly like it did a few years ago.

You still need to figure out where you are, what kind of environment you’re dealing with, and how careful you need to be. That part hasn’t changed at all, and AI doesn’t help you there.

Where things start to shift is later — when you’re no longer collecting data, but trying to understand it.


The Part Nobody Really Talks About

Most of the time, red teaming isn’t about exploiting anything.

It’s about sitting there, looking at output, and asking yourself:

“Is there actually something useful here, or am I just going in circles?”

You run enumeration and suddenly you’re surrounded by information. Accounts, groups, permissions, relationships that don’t fully make sense yet. Nothing is clearly broken. Nothing is obviously exploitable.

That’s the uncomfortable part.

Before, I would open BloodHound, start clicking through graphs, follow a path, backtrack, try something, fail, and repeat. It works, but it’s slow and sometimes messy.

With AI, that part feels different.

Not easier. Just more focused.


The First Time It Actually Helped

I remember feeding a small dataset into a local model. Nothing huge — just users, groups, and a few relationships.

Then I asked a simple question:

“If you had to escalate privileges from this user, where would you start?”

The answer wasn’t perfect. It never is.

But it pointed me toward an account I had already seen and dismissed. A service account, sitting in a group that didn’t look particularly interesting at first.

When I went back and looked again, it started to make more sense. The group nesting, the indirect permissions, the way it connected to other parts of the domain — it wasn’t obvious, but it was there.

That ended up being the path.

Not because AI “found” anything, but because it helped me notice something I almost ignored.
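The link the post describes was a service account that looked harmless on its own but reached a sensitive group through several layers of nesting. The following is an added illustration, not code from the post, of the audit that makes that kind of link visible: compute each account's effective group membership with the chain of hops that produces it, and report only the accounts that reach a privileged group through nesting rather than directly. The directory data, account and group names, and the choice of which groups count as privileged are all constructed for the example; in a real environment you would load them from an export of your own directory.

```python
from collections import deque

# Constructed sample data (not from the post or any real domain): every principal,
# user or group, maps to the groups it is a DIRECT member of.
MEMBER_OF = {
    "alice": ["Helpdesk"],
    "bob": ["Developers"],
    "svc-reporting": ["Reporting-Readers"],  # looks uninteresting on its own
    "Helpdesk": ["Workstation-Admins"],
    "Developers": ["Build-Agents"],
    "Reporting-Readers": ["Report-Server-Ops"],
    "Report-Server-Ops": ["Server-Admins"],
    "Server-Admins": ["Tier1-Admins"],
    "Tier1-Admins": ["Domain Admins"],
    "Workstation-Admins": [],
    "Build-Agents": [],
    "Domain Admins": [],
}
USERS = ["alice", "bob", "svc-reporting"]
# Assumed tiering for the example; adjust to the groups you actually treat as privileged.
PRIVILEGED_GROUPS = {"Tier1-Admins", "Domain Admins"}


def effective_groups(principal, member_of):
    """Every group `principal` belongs to, directly or through nesting.

    Returns {group: path}, where path lists the hops from the principal to the
    group, so each finding explains itself. Breadth-first search yields the
    shortest chain, and the `seen` set stops loops (groups nested in each other).
    """
    paths = {}
    seen = {principal}
    queue = deque([(principal, [principal])])
    while queue:
        node, path = queue.popleft()
        for group in member_of.get(node, []):
            if group in seen:
                continue
            seen.add(group)
            paths[group] = path + [group]
            queue.append((group, paths[group]))
    return paths


def indirect_privileged_members(users, member_of, privileged):
    """Accounts that reach a privileged group ONLY through nesting.

    A direct member has a path of two entries (user, group); anything longer is
    exactly the kind of link that is easy to dismiss when reading raw output.
    """
    findings = {}
    for user in users:
        hits = {
            group: path
            for group, path in effective_groups(user, member_of).items()
            if group in privileged and len(path) > 2
        }
        if hits:
            findings[user] = hits
    return findings


def summarize(findings):
    """One line per finding: the compact form worth reviewing before collecting more."""
    lines = []
    for user, hits in sorted(findings.items()):
        for group, path in sorted(hits.items()):
            lines.append(f"{user} -> {group} via {' -> '.join(path[1:-1])}")
    return lines


if __name__ == "__main__":
    for line in summarize(indirect_privileged_members(USERS, MEMBER_OF, PRIVILEGED_GROUPS)):
        print(line)
```

On the constructed data, `alice` and `bob` produce nothing, while `svc-reporting` is reported twice, once for each privileged group it reaches, each line carrying the four-hop chain that explains why. The output is deliberately short: a handful of lines like this is what you want to hand to a reviewer, or to a model, instead of the full membership dump, which is the "collect less, look at it earlier" habit the post argues for.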


What Actually Changes

The biggest difference is not automation.

It’s how quickly you can move from having data to making a decision.

Before, my instinct was to collect more. Dump more data, just in case. Open another tool. Keep digging until something stands out.

Now I tend to slow that down.

Collect less. Look at it earlier. Ask better questions.

AI fits naturally into that process. It doesn’t replace enumeration — it just helps you decide whether what you already have is enough.

And sometimes, trying to collect everything is exactly what gets you noticed.


Where It Can Go Wrong

There’s a point where this becomes dangerous.

It usually starts when you begin trusting the output too much.

You ask:

“What should I do next?”

And the answer sounds reasonable. Logical, even.

But “reasonable” is not the same as “correct for this environment”.

AI doesn’t know what’s being monitored. It doesn’t know how sensitive the network is, what alerts have already been triggered, or what kind of engagement you’re in.

It just sees patterns.

If you follow it blindly, you don’t become more effective. You just become faster at making mistakes.


Where It Actually Helps

Not in the flashy parts.

Not in exploitation.

It helps in those quiet moments where you’re stuck between options.

You’re looking at a few possible directions — maybe Kerberos, maybe ACLs, maybe session-based movement — and none of them clearly stands out as the right move.

That’s where having a second perspective, even an imperfect one, is useful.

Not to decide for you, but to challenge how you’re thinking.


What Didn’t Change

You still need to understand Active Directory.

You still need to recognize when something is misconfigured. You still need to know when to stay quiet, when to move, and when to stop.

None of that changed.

If anything, it became more important.

Because now the difference is no longer about who knows more commands. It’s about who can interpret what they’re seeing.


What This Actually Is

AI-assisted red teaming isn’t a new technique.

It’s not a new phase of an attack.

It’s just another layer in your workflow.

Sometimes useful. Sometimes unnecessary. Occasionally misleading.

But when it works, it does something simple and valuable:

It shortens the distance between:

“I have data”

and

“I know what to do next”


Conclusion

The biggest mistake right now is treating AI like a shortcut.

It isn’t.

It’s closer to having another analyst sitting next to you — one that works fast, never gets tired, but doesn’t fully understand the situation.

Sometimes it points you in the right direction.

Sometimes it doesn’t.

Either way, nothing really changed about your role.

You still have to decide.