it feels like 'alphafold for exploits' should be possible: train on (bytecode, instrumentation) pairs, where instrumentation is LLVM instrumentation on branch traversal, similar to greybox fuzzing. treat exploit development as a black-box structure prediction problem.

then inference on synthetic instrumentation, where that instrumentation represents some program state you want to reach.

this sounds terrifying, but doesn't asymmetrically benefit attackers. defenders will build this infrastructure before attackers and its power (if similar to AlphaFold) will be determined by compute scale, something that defenders will have more of.

the problem with this and where the alphafold analogy breaks down is that the reward landscape for exploit dev is very sparse and discontinuous. i'd be very curious to see how a model like this generalizes though

cc @DARPA

@EmilMieilica it also doesn't write exploitable bytecode, it predicts bytecode for an arbitrary instrumentation state