Soufiane Ouha

Principal Security Consultant

Google Cloud

Speaker sessions

Hacking Applications with AI: LLMs for Mobile & API Pentesting

As mobile applications and APIs become the backbone of modern digital ecosystems, attackers are constantly seeking faster and smarter ways to exploit them. At the same time, Large Language Models (LLMs) are reshaping how we approach security testing. But can AI truly hack?In this session, we’ll explore how LLMs can be leveraged to accelerate and augment mobile and API penetration testing. We’ll demonstrate real-world use cases where AI assists with tasks like reconnaissance, fuzzing, reverse engineering, and exploit generation — and highlight where it shines versus where it fails. Through real world examples and lessons learned, we’ll cut through the hype to show how security professionals can practically integrate LLMs into their offensive workflows.Whether you’re a red teamer, security researcher, or just curious about AI in offensive security, this talk will give you actionable insights, practical techniques, and a glimpse into the future of AI-powered pentesting.