[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"doc-detail-31910":3,"doc-seo-31910":26},{"code":4,"msg":5,"data":6},0,"success",{"doc_id":7,"user_id":8,"nickname":9,"user_avatar":10,"doc_module":4,"category_id":11,"category_name":12,"doc_title":13,"doc_description":14,"file_id":15,"file_url":16,"file_type":17,"file_size":18,"view_count":4,"is_deleted":4,"is_public":19,"is_downloadable":19,"audit_status":19,"page_count":11,"language":20,"language_code":21,"table_of_contents":22,"faqs":23,"seo_title":13,"seo_description":14,"update_tm":24,"read_time":25},31910,1374391975076,"Riley","https://ap-avatar.wpscdn.com/davatar_994ba38a5ba835b3df7d355c54d3ed8d",8,"Research & Report","LLM-Driven Automated Penetration Testing Architectures Benchmarks and Safety Considerations","In recent years, large language models (LLMs) have been used to automate parts of penetration testing, including reconnaissance, vulnerability discovery, exploit identification, and reporting. Prior systems such as PentestGPT and others demonstrate advantages of LLM-guided workflows, yet full automation remains unsolved due to challenges in context management, tool orchestration, environmental variability, and safety enforcement. This paper proposes a unified LLM-driven framework with formal tasks, states, and actions, integrates external tools, adds memory and reasoning, and defines governance controls.","cbCaidDRcPHNzt5v","https://ap.wps.com/l/cbCaidDRcPHNzt5v","pdf",243912,1,"English","en","# Introduction\n## Background and Motivation\n## Contributions and Scope","[{\"question\":\"What problem does the paper address in LLM-driven automated penetration testing?\",\"answer\":\"It addresses why complete automation is still unsolved, focusing on context management, multi-tool orchestration, adapting to environmental variations, and enforcing safety constraints.\"},{\"question\":\"What is the core design of the proposed framework?\",\"answer\":\"The framework divides penetration testing into formally defined tasks, states, and actions, using LLM-based agents to develop, execute, and modify multi-step attack chains across network, web, cloud, and application layers.\"},{\"question\":\"How does the paper handle safety and governance?\",\"answer\":\"It defines safety and governance controls to limit misuse of the system while integrating external tools such as scanners, exploit frameworks, and knowledge bases.\"}]",1780434152,20,{"code":4,"msg":27,"data":28},"ok",{"site_id":29,"language":21,"slug":30,"title":13,"keywords":31,"description":14,"schema_data":32,"social_meta":83,"head_meta":85,"extra_data":87,"updated_unix":24},105,"llm-driven-automated-penetration-testing-architectures-benchmarks-and-safety-considerations","",{"@graph":33,"@context":82},[34,51,65],{"@type":35,"itemListElement":36},"BreadcrumbList",[37,41,45,48],{"item":38,"name":39,"@type":40,"position":19},"https://docshare.wps.com","Home","ListItem",{"item":42,"name":43,"@type":40,"position":44},"https://docshare.wps.com/document/","Document",2,{"item":46,"name":12,"@type":40,"position":47},"https://docshare.wps.com/document/research-report/",3,{"item":49,"name":13,"@type":40,"position":50},"https://docshare.wps.com/document/llm-driven-automated-penetration-testing-architectures-benchmarks-and-safety-considerations/31910/",4,{"url":49,"name":13,"@type":52,"author":53,"headline":13,"publisher":55,"fileFormat":58,"description":14,"dateModified":59,"datePublished":59,"encodingFormat":58,"isAccessibleForFree":60,"interactionStatistic":61},"DigitalDocument",{"name":9,"@type":54},"Person",{"url":38,"name":56,"@type":57},"DocShare","Organization","application/pdf","2026-06-02",true,{"@type":62,"interactionType":63,"userInteractionCount":4},"InteractionCounter",{"@type":64},"ViewAction",{"@type":66,"mainEntity":67},"FAQPage",[68,74,78],{"name":69,"@type":70,"acceptedAnswer":71},"What problem does the paper address in LLM-driven automated penetration testing?","Question",{"text":72,"@type":73},"It addresses why complete automation is still unsolved, focusing on context management, multi-tool orchestration, adapting to environmental variations, and enforcing safety constraints.","Answer",{"name":75,"@type":70,"acceptedAnswer":76},"What is the core design of the proposed framework?",{"text":77,"@type":73},"The framework divides penetration testing into formally defined tasks, states, and actions, using LLM-based agents to develop, execute, and modify multi-step attack chains across network, web, cloud, and application layers.",{"name":79,"@type":70,"acceptedAnswer":80},"How does the paper handle safety and governance?",{"text":81,"@type":73},"It defines safety and governance controls to limit misuse of the system while integrating external tools such as scanners, exploit frameworks, and knowledge bases.","https://schema.org",{"og:url":49,"og:type":84,"og:title":13,"og:site_name":56,"og:description":14},"article",{"robots":86,"canonical":49},"index,follow",{"doc_id":7,"site_id":29}]