English
Related papers

Related papers: AutoPentester: An LLM Agent-based Framework for Au…

200 papers

Penetration testing is a critical technique for identifying security vulnerabilities, traditionally performed manually by skilled security specialists. This complex process involves gathering information about the target system, identifying…

Cryptography and Security · Computer Science 2025-06-02 Xiangmin Shen , Lingzhi Wang , Zhenyuan Li , Yan Chen , Wencheng Zhao , Dawei Sun , Jiashui Wang , Wei Ruan

Penetration testing, a crucial industrial practice for ensuring system security, has traditionally resisted automation due to the extensive expertise required by human professionals. Large Language Models (LLMs) have shown significant…

Software Engineering · Computer Science 2024-06-04 Gelei Deng , Yi Liu , Víctor Mayoral-Vilches , Peng Liu , Yuekang Li , Yuan Xu , Tianwei Zhang , Yang Liu , Martin Pinzger , Stefan Rass

A recent area of increasing research is the use of Large Language Models (LLMs) in penetration testing, which promises to reduce costs and thus allow for higher frequency. We conduct a review of related work, identifying best practices and…

Cryptography and Security · Computer Science 2025-05-16 Julius Henke

In our research, we introduce a new concept called "LLM Augmented Pentesting" demonstrated with a tool named "Pentest Copilot," that revolutionizes the field of ethical hacking by integrating Large Language Models (LLMs) into penetration…

Cryptography and Security · Computer Science 2025-05-20 Dhruva Goyal , Sitaraman Subramanian , Aditya Peela , Nisha P. Shetty

Automated penetration testing (AutoPT) powered by large language models (LLMs) has gained attention for its ability to automate ethical hacking processes and identify vulnerabilities in target systems by leveraging the inherent knowledge of…

Artificial Intelligence · Computer Science 2025-06-26 Hanzheng Dai , Yuanliang Li , Jun Yan , Zhibo Zhang

Penetration testing is essential to ensure Web security, which can detect and fix vulnerabilities in advance, and prevent data leakage and serious consequences. The powerful inference capabilities of large language models (LLMs) have made…

Cryptography and Security · Computer Science 2024-11-05 Benlong Wu , Guoqiang Chen , Kejiang Chen , Xiuwei Shang , Jiapeng Han , Yanru He , Weiming Zhang , Nenghai Yu

Generative AI agents, software systems powered by Large Language Models (LLMs), are emerging as a promising approach to automate cybersecurity tasks. Among the others, penetration testing is a challenging field due to the task complexity…

Cryptography and Security · Computer Science 2024-10-29 Luca Gioacchini , Marco Mellia , Idilio Drago , Alexander Delsanto , Giuseppe Siracusano , Roberto Bifulco

Penetration testing (or pentesting) is one of the widely used and important methodologies to assess the security of computer systems and networks. Traditional pentesting relies on the domain expert knowledge and requires considerable human…

Cryptography and Security · Computer Science 2019-08-21 Ge Chu , Alexei Lisitsa

Web application pentesting is a crucial component in the offensive cybersecurity area, whose aim is to safeguard web applications and web services as the majority of the web applications are mounted in publicly accessible web environments.…

Cryptography and Security · Computer Science 2024-10-17 María Olivares-Naya , Jacobo Casado de Gracia , Alfonso Sánchez-Macián

Penetration testing is essential for assessing and strengthening system security against real-world threats, yet traditional workflows remain highly manual, expertise-intensive, and difficult to scale. Although recent advances in Large…

Software Engineering · Computer Science 2025-12-17 Ruozhao Yang , Mingfei Cheng , Gelei Deng , Tianwei Zhang , Junjie Wang , Xiaofei Xie

Offensive security is one of the state of the art measures to protect enterprises and organizations. Penetration testing, broadly called pentesting, is a branch of offensive security designed to find, rate and exploit these vulnerabilities,…

Cryptography and Security · Computer Science 2024-06-13 Jacobo Casado de Gracia , Alfonso Sánchez-Macián

We present RapidPen, a fully automated penetration testing (pentesting) framework that addresses the challenge of achieving an initial foothold (IP-to-Shell) without human intervention. Unlike prior approaches that focus primarily on…

Cryptography and Security · Computer Science 2026-02-17 Sho Nakatani

Penetration testing (pentesting) involves performing a controlled attack on a computer system in order to assess it's security. Although an effective method for testing security, pentesting requires highly skilled practitioners and…

Cryptography and Security · Computer Science 2019-05-16 Jonathon Schwartz , Hanna Kurniawati

Hacking poses a significant threat to cybersecurity, inflicting billions of dollars in damages annually. To mitigate these risks, ethical hacking, or penetration testing, is employed to identify vulnerabilities in systems and networks.…

Cryptography and Security · Computer Science 2025-02-24 Isamu Isozaki , Manil Shrestha , Rick Console , Edward Kim

We introduce PentestJudge, a system for evaluating the operations of penetration testing agents. PentestJudge is a large language model (LLM)-as-judge with access to tools that allow it to consume arbitrary trajectories of agent states and…

Artificial Intelligence · Computer Science 2025-08-06 Shane Caldwell , Max Harley , Michael Kouremetis , Vincent Abruzzo , Will Pearce

Large Language Models (LLMs) are redefining offensive cybersecurity by allowing the generation of harmful machine code with minimal human intervention. While attackers take advantage of dark LLMs such as XXXGPT and WolfGPT to produce…

Cryptography and Security · Computer Science 2026-04-14 Ricardo Bessa , Rui Claro , João Trindade , João Lourenço

Large language models (LLM) are perceived to offer promising potentials for automating security tasks, such as those found in security operation centers (SOCs). As a first step towards evaluating this perceived potential, we investigate the…

Cryptography and Security · Computer Science 2024-02-01 Kumar Shashwat , Francis Hahn , Xinming Ou , Dmitry Goldgof , Lawrence Hall , Jay Ligatti , S. Raj Rajgopalan , Armin Ziaie Tabari

Agentic AI is transforming security by automating many tasks being performed manually. While initial agentic approaches employed a monolithic architecture, the Model-Context-Protocol has now enabled a remote-procedure call (RPC) paradigm to…

Cryptography and Security · Computer Science 2025-10-07 Zachary Ezetta , Wu-chang Feng

Cyber threats are rapidly increasing, expanding their impact from large-scale enterprises to government services and individual users, making robust security systems increasingly essential. However, a significant shortage of skilled…

Cryptography and Security · Computer Science 2026-05-07 Yasod Ginige , Pasindu Marasinghe , Sajal Jain , Suranga Seneviratne

Penetration testing is a cornerstone of cybersecurity, traditionally driven by manual, time-intensive processes. As systems grow in complexity, there is a pressing need for more scalable and efficient testing methodologies. This systematic…

Software Engineering · Computer Science 2025-12-16 J. Alexander Curtis , Nasir U. Eisty
‹ Prev 1 2 3 10 Next ›