Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

📅 2025-12-17
📈 Citations: 0
Influential: 0
🤖 AI Summary
Current cybersecurity assessments rely heavily on manual adversary emulation, while existing automation approaches suffer from limited autonomy, narrow tactical coverage, and low practicality. To address these challenges, we propose the first LLM-driven autonomous adversarial simulation framework supporting variable detectability, multi-path planning, and full MITRE ATT&CK tactic coverage. It is also the first to enable goal-agnostic, closed-loop red teaming automation on the Caldera platform. Our method integrates large language model–based reasoning and planning, ATT&CK tactic mapping, dynamic attack path generation, and adaptive evasion mechanisms. Experimental evaluation in a standard simulated environment demonstrates that the framework achieves over 98% success rate across predefined attack objectives, covers all 14 enterprise-level ATT&CK tactics, and completes each simulation in under eight minutes on average—significantly enhancing efficiency for security assessment and detection research.

📝 Abstract
Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia and industry have worked towards the automation of adversarial actions. However, they exhibit significant limitations regarding autonomy, tactics coverage, and real-world applicability. Consequently, adversary emulation remains a predominantly manual task requiring substantial human effort and security expertise - even amidst the rise of Large Language Models. In this paper, we present Bounty Hunter, an automated adversary emulation method, designed and implemented as an open-source plugin for the popular adversary emulation platform Caldera, that enables autonomous emulation of adversaries with multi-faceted behavior while providing a wide coverage of tactics. To this end, it realizes diverse adversarial behavior, such as different levels of detectability and varying attack paths across repeated emulations. By autonomously compromising a simulated enterprise network, Bounty Hunter showcases its ability to achieve given objectives without prior knowledge of its target, including pre-compromise, initial compromise, and post-compromise attack tactics. Overall, Bounty Hunter facilitates autonomous, comprehensive, and multi-faceted adversary emulation to help researchers and practitioners in performing realistic and time-efficient security assessments, training exercises, and intrusion detection research.
Problem

Research questions and friction points this paper is trying to address.

Automates adversary emulation for cybersecurity assessments
Enhances autonomy and tactics coverage in simulated attacks
Reduces manual effort in security testing and training
Innovation

Methods, ideas, or system contributions that make the work stand out.

Automated adversary emulation plugin for Caldera platform
Autonomous multi-faceted behavior with wide tactics coverage
Simulates varied attack paths and detectability levels without prior knowledge