ISCAP Proceedings: Abstract Presentation
RAG-Enhanced Adaptive AI for Offensive Cybersecurity
Mark Spanier
Dakota State University
Eddie French
Dakota State University
Aman Singh
Dakota State University
Abstract
AI-powered assistants are emerging as valuable tools for offensive cybersecurity. Public cloud LLM services, however, are often unsuitable due to data sensitivity and restrictive guardrails, motivating the need for locally hosted solutions. This project presents a locally hosted AI-powered assistant that integrates Google’s Gemma 3 (27B) with a Retrieval-Augmented Generation (RAG) pipeline to recommend tactics, techniques, and procedures aligned with MITRE ATT&CK. Data sources included CVE, ExploitDB, OWASP, penetration testing repositories supplemented by proprietary organizational knowledge and internal cybersecurity guidelines. A web interface allows operators to pause and adjust the model’s chain-of-thought reasoning, providing greater control, transparency, and adaptability. Benchmarking against established datasets shows performance rivaling frontier proprietary models, highlighting the feasibility of secure, locally hosted, high-performing assistants for red team operations.