Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Watch this 41-minute conference talk from Recon Village at DEFCON 33 where Özgün Kültekin, Offensive Security Engineer at Trendyol Group, demonstrates how to leverage AI for efficient web attack surface enumeration. Learn to overcome the challenge of manually parsing massive subdomain lists, endless URLs, and overwhelming Burp Suite logs by using AI as a high-throughput, target-aware assistant for discovery rather than as a magical pentester. Discover practical techniques for generating high-value paths and subdomains tailored to specific targets, prioritizing promising endpoints from massive datasets, reducing noise while highlighting potentially sensitive or admin-like endpoints, and building an AI recon assistant that understands application context. Master the integration of AI-driven enumeration into existing recon and Burp-based workflows through live demonstrations showing how to use AI for proposing non-obvious paths, panels, and subdomains, feeding large recon datasets into AI for smart triage, automatically spotting high-value endpoints from huge Burp logs, designing prompt and workflow patterns that align AI with target business logic, and combining traditional recon tooling with AI-assisted enumeration for maximum coverage. Gain insights into focusing your time on breaking the right things instead of just finding them by letting AI handle the boring, repetitive discovery work at scale.
