REFORGE
Abstract
Fuzzing has become excellent at breaking things, but turning those breakages into real, reproducible, and explainable exploits still takes hours of human effort. ReForge aims to change that. ReForge is an AI-powered pipeline that takes binary crash artefacts from AFL++ and automatically forges them into working proof-of-concept exploits, complete with human-readable analysis reports. Under the hood, it integrates a multi-agent system: a cloud-based LLM generates the exploit, a local custom AI model explains it, and a lightweight coordinator (MCP) manages validation and retry logic. Each exploit is auto-tested against an un-instrumented target binary before being stored with metadata and analysis, making the results immediately actionable. Unlike traditional fuzzing frameworks that stop at a crash log, ReForge picks up the baton and sprints to the finish line: an actual, working Python exploit that is readable, reproducible, and explainable.
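The validation step in the abstract (replay each AFL++ crash artefact against an un-instrumented build, retry, and keep the result with metadata) is the part of such a pipeline a triage engineer can stand up on its own. What follows is an added example, not ReForge's code and not part of AFL++: a small Python coordinator that walks an AFL++ `crashes/` directory, replays each artefact against the target, classifies the run by the terminating signal, retries runs that do not reproduce, and writes one JSON record per artefact. The target here is a constructed stand-in (`make_demo_target`, a tiny Python script that aborts on a marker input), the artefact names imitate AFL++'s `id:...,sig:...` scheme but are made up, and the `@@` placeholder for the input path follows AFL's command-line convention.

```python
"""Replay AFL++ crash artefacts against an un-instrumented target, classify by
signal, retry, and store metadata. Added example; the target is a constructed demo."""
import json
import signal
import subprocess
import sys
import tempfile
from dataclasses import dataclass, asdict
from pathlib import Path
from typing import List, Optional, Tuple


@dataclass
class Verdict:
    artefact: str               # file name inside the crashes/ directory
    reproduces: bool            # did the target die on a signal?
    returncode: int             # last exit status seen (negative = signal number)
    signal_name: Optional[str]  # e.g. "SIGABRT", or None if it did not crash
    attempts: int               # runs the coordinator needed before deciding


def run_target(cmd: List[str], artefact: Path, timeout: float = 5.0) -> int:
    """Run the target once. AFL convention: '@@' in the command line is replaced
    by the artefact path; otherwise the artefact is fed on stdin."""
    if "@@" in cmd:
        argv = [str(artefact) if a == "@@" else a for a in cmd]
        proc = subprocess.run(argv, stdin=subprocess.DEVNULL, stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL, timeout=timeout)
    else:
        with open(artefact, "rb") as fh:
            proc = subprocess.run(cmd, stdin=fh, stdout=subprocess.DEVNULL,
                                  stderr=subprocess.DEVNULL, timeout=timeout)
    return proc.returncode


def classify(returncode: int) -> Tuple[bool, Optional[str]]:
    """On POSIX, subprocess reports -N when the child was killed by signal N."""
    if returncode < 0:
        try:
            name = signal.Signals(-returncode).name
        except ValueError:
            name = f"SIG{-returncode}"
        return True, name
    return False, None


def validate(cmd: List[str], artefact: Path, retries: int = 3, timeout: float = 5.0) -> Verdict:
    """An artefact reproduces as soon as one run dies on a signal; a hang
    (timeout) is counted as a failed attempt and the run is retried."""
    attempts, rc = 0, 0
    while attempts < retries:
        attempts += 1
        try:
            rc = run_target(cmd, artefact, timeout)
        except subprocess.TimeoutExpired:
            continue
        crashed, name = classify(rc)
        if crashed:
            return Verdict(artefact.name, True, rc, name, attempts)
    return Verdict(artefact.name, False, rc, None, attempts)


def triage_dir(cmd: List[str], crash_dir: Path, out_dir: Path, retries: int = 3) -> List[Verdict]:
    """Replay every artefact in an AFL++ crashes/ directory (skipping the
    README.txt afl-fuzz leaves there) and write a JSON sidecar per artefact."""
    verdicts = []
    for artefact in sorted(Path(crash_dir).iterdir()):
        if artefact.name == "README.txt" or not artefact.is_file():
            continue
        v = validate(cmd, artefact, retries)
        (Path(out_dir) / (artefact.name + ".json")).write_text(json.dumps(asdict(v), indent=2))
        verdicts.append(v)
    return verdicts


def make_demo_target(workdir: Path):
    """Constructed stand-in for a real binary: aborts (SIGABRT) when stdin starts
    with b'CRASH', exits 0 otherwise. Artefact names are made up for the demo."""
    target = workdir / "target.py"
    target.write_text("import os, sys\n"
                      "data = sys.stdin.buffer.read()\n"
                      "if data.startswith(b'CRASH'):\n"
                      "    os.abort()\n"
                      "sys.exit(0)\n")
    crashes = workdir / "crashes"
    crashes.mkdir()
    (crashes / "id:000000,sig:06,src:000000").write_bytes(b"CRASH\x00\x01")
    (crashes / "id:000001,sig:06,src:000001").write_bytes(b"benign input")
    (crashes / "README.txt").write_text("stand-in for the README afl-fuzz writes\n")
    return [sys.executable, str(target)], crashes


def run_demo() -> List[Verdict]:
    """Build the demo target and crash directory in a temp dir and triage it."""
    workdir = Path(tempfile.mkdtemp(prefix="crash-triage-"))
    cmd, crashes = make_demo_target(workdir)
    out_dir = workdir / "triage"
    out_dir.mkdir()
    return triage_dir(cmd, crashes, out_dir)


if __name__ == "__main__":
    for verdict in run_demo():
        print(asdict(verdict))
```

Against a real fuzzing run you would pass the un-instrumented binary (plus `@@` if it takes a file argument) and the `findings/default/crashes` directory; artefacts whose verdict is `reproduces: false` after the retries are the ones that only fired under instrumentation and are worth setting aside before any further analysis.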
Presented at Black Hat Europe 2025 Arsenal, December 8-11, London. Track: Exploitation and Ethical Hacking.