Co-RedTeam: Orchestrated Security Discovery and Exploitation with LLM Agents

📅 2026-02-02
🤖 AI Summary
This work addresses three limitations of current large language models in automated vulnerability discovery and exploitation: limited interactivity, weak execution capabilities, and poor reuse of prior experience. The authors propose a security-aware multi-agent framework that emulates real-world red team workflows by decomposing vulnerability analysis into coordinated discovery and exploitation phases. The framework runs a closed loop of planning, execution, verification, and feedback-based iterative refinement. It integrates execution feedback, structured agent interaction, and a long-term memory mechanism, and combines domain-specific security knowledge with code-aware analysis to enable experience reuse and continuous improvement. Evaluated across multiple security benchmarks, the approach significantly outperforms strong baselines, achieving an exploitation success rate exceeding 60% and an absolute improvement of over 10% in detection accuracy.

📝 Abstract
Large language models (LLMs) have shown promise in assisting cybersecurity tasks, yet existing approaches struggle with automatic vulnerability discovery and exploitation due to limited interaction, weak execution grounding, and a lack of experience reuse. We propose Co-RedTeam, a security-aware multi-agent framework designed to mirror real-world red-teaming workflows by integrating security-domain knowledge, code-aware analysis, execution-grounded iterative reasoning, and long-term memory. Co-RedTeam decomposes vulnerability analysis into coordinated discovery and exploitation stages, enabling agents to plan, execute, validate, and refine actions based on real execution feedback while learning from prior trajectories. Extensive evaluations on challenging security benchmarks demonstrate that Co-RedTeam consistently outperforms strong baselines across diverse backbone models, achieving over 60% success rate in vulnerability exploitation and over 10% absolute improvement in vulnerability detection. Ablation and iteration studies further confirm the critical role of execution feedback, structured interaction, and memory for building robust and generalizable cybersecurity agents.

Problem

Research questions and friction points this paper is trying to address.

vulnerability discovery
exploitation
LLM agents
cybersecurity
red-teaming

Innovation

Methods, ideas, or system contributions that make the work stand out.

multi-agent framework
execution-grounded reasoning
vulnerability exploitation
long-term memory
red-teaming automation