Cybersecurity, especially the Penetration Testing process, is becoming more effective with the use of Artificial Intelligence. Large Language Models (LLMs) are now applied to various Cybersecurity tasks, improving the productivity and performance of specialists. Although LLMs play a significant role in Cybersecurity, limitations remain in the accuracy of their knowledge and the level of automation achievable by LLM-based agents. We introduce the Self-Evolving PenTester Agent (SEPTA), a system designed to evaluate and improve an agent’s knowledge of Ethical Hacking. SEPTA generates a sandbox of virtual machines and network environments for emulating a Cybersecurity context that allows safe user interaction and real-time command evaluation. We demonstrate the agent’s feasibility through a working prototype. The results show that the prototype can generate an effective decision-making process.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

SEPTA: Self-Evolving PenTester Agent

  • Rui Fernandes,
  • Nuno Lopes,
  • Joaquim Gonçalves

摘要

Cybersecurity, especially the Penetration Testing process, is becoming more effective with the use of Artificial Intelligence. Large Language Models (LLMs) are now applied to various Cybersecurity tasks, improving the productivity and performance of specialists. Although LLMs play a significant role in Cybersecurity, limitations remain in the accuracy of their knowledge and the level of automation achievable by LLM-based agents. We introduce the Self-Evolving PenTester Agent (SEPTA), a system designed to evaluate and improve an agent’s knowledge of Ethical Hacking. SEPTA generates a sandbox of virtual machines and network environments for emulating a Cybersecurity context that allows safe user interaction and real-time command evaluation. We demonstrate the agent’s feasibility through a working prototype. The results show that the prototype can generate an effective decision-making process.