SEPTA: Self-Evolving PenTester Agent
摘要
Cybersecurity, especially the Penetration Testing process, is becoming more effective with the use of Artificial Intelligence. Large Language Models (LLMs) are now applied to various Cybersecurity tasks, improving the productivity and performance of specialists. Although LLMs play a significant role in Cybersecurity, limitations remain in the accuracy of their knowledge and the level of automation achievable by LLM-based agents. We introduce the Self-Evolving PenTester Agent (SEPTA), a system designed to evaluate and improve an agent’s knowledge of Ethical Hacking. SEPTA generates a sandbox of virtual machines and network environments for emulating a Cybersecurity context that allows safe user interaction and real-time command evaluation. We demonstrate the agent’s feasibility through a working prototype. The results show that the prototype can generate an effective decision-making process.