📰 Originally published on Securityelites — AI Red Team Education — the canonical, fully-updated version of this article. My workflow for analysing a new CVE used to take three to four hours from reading the advisory to having a working proof-of-concept for lab testing. In 2026, the same workflow takes forty minutes, and most of that is environment setup, not code. AI tools have changed the PoC development phase specifically — reading the vulnerability description, understanding the affected code path, and drafting the initial exploit structure are now tasks where an LLM provides the first draft that I refine. Understanding this workflow is essential for red teamers who need to test known CVEs in assessments, for bug bounty hunters who need to demonstrate exploitability, and for defenders who need to understand how quickly the time-to-PoC window is closing for any new disclosed vulnerability.…