QuoIntelligence assesses that today, open-source generative AI tools available in the market constitute limited support for threat actors in the framework of offensive operations.

Social engineering campaigns can benefit from generative AI to create effective phishing emails. But generative AI tools’ guardrails significantly limit support potential as bypassing them is time-consuming. Only experienced attackers can obtain useful results.

Given the existence of free exploitation tools, we assess that open-source generative AI is not a valuable tool for offensive operations at this point. 

While generative AI models will very likely (70-85%) improve in code writing, these improvements will likely (60-70%) be offset by improved guardrails, limiting their utility for offensive tool development.