I wrote a blog post about enumerating and testing tool usage in web applications that use LLMs:
www.invicti.com/blog/securit...
Learn how attackers can exploit LLM tool usage and MCP servers, why this expands the attack surface, and how automated DAST scanning strengthens LLM security in web applications.
