When AI Attacks Itself: A Fully Autonomous Red Team vs Blue Team Experiment

When AI Attacks Itself: A Fully Autonomous Red Team vs Blue Team Experiment Date: June 22, 2026 · Environment: Kali Linux VM · Azure OpenAI · Docker Tags: AI Security Penetration Testing AppSec Autonomous Agents GPT-4o gpt-5.2 The Idea I Couldn't Get Out of My Head What if two AI agents fought each other — one building and defending a web application, the other trying to break in? Two different models. No human intervention. No waiting. No typos in terminal commands. I ran the experiment. The results were more interesting than I expected — not just because the attack and defense both worked, but because of how fast everything happened. The Setup Two models. Two roles. One isolated Kali Linux VM. Agent Model Role 🔴 Red Agent GPT-4o (Azure OpenAI) Attack, analyze findings, verify patch 🔵 Blue Agent gpt-5.2 (Azure OpenAI) Build target app, patch vulnerabilities Target stack: Flask · SQLite · Werkzeug 3.1.8 · Python