Offensive AI Tradecraft Index

Offensive playbooks, AI-assisted red-team tradecraft, autonomous-pentest patterns, and promptware kill-chain stages — the attacker-perspective material that documents how AI changes offense, and how operators wield AI inside engagements.

This folder is the attacker-side companion to wiki/practices/, which holds defender-framed controls and playbooks. The semantic split exists because the same technique reads very differently depending on the operator’s intent: a prompt-injection demonstration is an offensive proof in one frame and a defensive test case in another. Purple-team patterns — defender derivations of offensive technique — live in practices/ with scope_axis: [ai-in-sec-defense, ai-in-sec-offense]. Pure offensive tradecraft lives here.

Scope inclusions:

  • AI-assisted exploit development, reverse engineering, and recon playbooks
  • Autonomous offensive agents and their orchestration patterns
  • Promptware kill-chain stages (persistence, C2, exfiltration, lateral movement via agentic abstraction layers)
  • Vendor evaluation criteria for offensive-AI tooling
  • Captured tradecraft from incidents and demonstrated exploits

Scope exclusions:

  • Red-teaming of AI applications (model robustness testing, jailbreak frameworks) — those live in wiki/practices/ and wiki/concepts/ under scope_axis: redteam-for-ai
  • Defensive detection logic for offensive-AI patterns — that lives in wiki/practices/

See "Offensive AI: state of the field" for the synthesis page that anchors this folder.

Pages

Folder seeded 2026-05-13

Initial pages will arrive as offensive-side material is ingested. The first ingest candidates are tracked in Scope Expansion Punch-List (2026-05).

0 items under this folder.