Large language models (LLMs) exhibit unexpectedly high efficacy in penetration testing, raising critical concerns regarding their dual-use potential across vulnerability discovery, social engineering, privilege escalation, and all stages of the cyber kill chain. Method: Through a systematic literature review and in-depth analysis of representative case studies, this work traces the technical evolution of LLMs in penetration testing and proposes a novel dichotomous framework—“atmosphere hacking” versus fully autonomous systems—to characterize their operational paradigms. Contribution/Results: We identify three root causes of LLM efficacy: strong pattern matching, robust reasoning under uncertainty, and low-cost deployment. Concurrently, we delineate six practical barriers: model reliability, security and controllability, deployment overhead, data privacy, accountability attribution, and ethical dilemmas. The study establishes a foundational theoretical framework for AI-augmented cybersecurity, delivers a structured risk assessment methodology, and outlines actionable governance pathways for responsible adoption.

This paper presents a critical examination of the surprising efficacy of Large Language Models (LLMs) in penetration testing. The paper thoroughly reviews the evolution of LLMs and their rapidly expanding capabilities which render them increasingly suitable for complex penetration testing operations. It systematically details the historical adoption of LLMs in both academic research and industry, showcasing their application across various offensive security tasks and covering broader phases of the cyber kill chain. Crucially, the analysis also extends to the observed adoption of LLMs by malicious actors, underscoring the inherent dual-use challenge of this technology within the security landscape. The unexpected effectiveness of LLMs in this context is elucidated by several key factors: the strong alignment between penetration testing's reliance on pattern-matching and LLMs' core strengths, their inherent capacity to manage uncertainty in dynamic environments, and cost-effective access to competent pre-trained models through LLM providers. The current landscape of LLM-aided penetration testing is categorized into interactive 'vibe-hacking' and the emergence of fully autonomous systems. The paper identifies and discusses significant obstacles impeding wider adoption and safe deployment. These include critical issues concerning model reliability and stability, paramount safety and security concerns, substantial monetary and ecological costs, implications for privacy and digital sovereignty, complex questions of accountability, and profound ethical dilemmas. This comprehensive review and analysis provides a foundation for discussion on future research directions and the development of robust safeguards at the intersection of AI and security.