PentestGPT: Evaluating and Harnessing Large Language Models for Automated Penetration Testing
An LLM-empowered automated penetration testing framework that leverages domain knowledge inherent in LLMs, achieving 228.6% task completion improvement over baseline GPT models.
Aug 14, 2024
NAUTILUS: Automated RESTful API Vulnerability Detection
An automated framework for detecting vulnerabilities in RESTful APIs through combined static analysis and dynamic testing approaches.
Aug 9, 2023
PentestGPT
An LLM-empowered Automatic Penetration Testing Tool with 8k+ GitHub stars. PentestGPT is designed to automate penetration testing by leveraging the domain knowledge inherent in Large Language Models. It features a three-module architecture (Reasoning, Generation, and Parsing) that emulates human penetration testing workflows. Key Features: Automated penetration testing guidance Integration with multiple LLM backends Real-world evaluation on CTF challenges 228.6% improvement in task completion over baseline models Recognition: Distinguished Artifact Award at USENIX Security 2024 Active collaboration with industry partners (Huawei, ByteDance, etc.)
Aug 1, 2023
Morest: Model-based RESTful API Testing with Execution Feedback
A model-based approach to RESTful API testing with execution feedback for improved coverage and vulnerability detection.
May 21, 2022