AutoPT: How Far Are We from the End2End Automated Web Penetration Testing?

TL;DR

This paper introduces AutoPT, an LLM-based automated web penetration testing agent that leverages a finite state machine framework to improve task completion rates and reduce costs, advancing automation in cybersecurity testing.

Contribution

The paper proposes AutoPT, a novel LLM-driven penetration testing agent utilizing a state machine approach to overcome current limitations and enhance automation effectiveness.

Findings

AutoPT achieves a task completion rate of 41%, nearly doubling the baseline.

AutoPT reduces time and economic costs compared to manual and baseline methods.

AutoPT outperforms ReAct on the GPT-4o mini model in penetration testing tasks.

Abstract

Penetration testing is essential to ensure Web security, which can detect and fix vulnerabilities in advance, and prevent data leakage and serious consequences. The powerful inference capabilities of large language models (LLMs) have made significant progress in various fields, and the development potential of LLM-based agents can revolutionize the cybersecurity penetration testing industry. In this work, we establish a comprehensive end-to-end penetration testing benchmark using a real-world penetration testing environment to explore the capabilities of LLM-based agents in this domain. Our results reveal that the agents are familiar with the framework of penetration testing tasks, but they still face limitations in generating accurate commands and executing complete processes. Accordingly, we summarize the current challenges, including the difficulty of maintaining the entire message history and the tendency for the agent to become stuck. Based on the above insights, we propose a Penetration testing State Machine (PSM) that utilizes the Finite State Machine (FSM) methodology to address these limitations. Then, we introduce AutoPT, an automated penetration testing agent based on the principle of PSM driven by LLMs, which utilizes the inherent inference ability of LLM and the constraint framework of state machines. Our evaluation results show that AutoPT outperforms the baseline framework ReAct on the GPT-4o mini model and improves the task completion rate from 22% to 41% on the benchmark target. Compared with the baseline framework and manual work, AutoPT also reduces time and economic costs further. Hence, our AutoPT has facilitated the development of automated penetration testing and significantly impacted both academia and industry.