Offensive AI: Enhancing Directory Brute-forcing Attack with the Use of Language Models

arXiv:2404.14138v1 Announce Type: new
Abstract: Web Vulnerability Assessment and Penetration Testing (Web VAPT) is a comprehensive cybersecurity process that uncovers a range of vulnerabilities which, if exploited, could compromise the integrity of web applications. In a VAPT, it is common to perform a \textit{Directory brute-forcing Attack}, aiming at the identification of accessible directories of a target website. Current commercial solutions are inefficient as they are based on brute-forcing strategies that use wordlists, resulting in enormous quantities of trials for a …

applications arxiv assessment attack brute compromise cs.cr cybersecurity directory exploited integrity language language models offensive penetration penetration testing process testing vapt vulnerabilities vulnerability vulnerability assessment web web applications web vulnerability