Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a groundbreaking multi-agent LLM framework designed for autonomous penetration testing on Linux shell systems in this 53-minute conference talk from Ekoparty Security Conference. Discover ARACNE's innovative modular architecture that combines strategic attack planning, execution, evaluation, and adaptive decision-making using both cloud and local LLM models. Learn how this framework addresses three critical issues in LLM-assisted attacks: creating effective generic shell-based attacks, achieving stable reproducible results, and enabling comprehensive evaluation. Understand how ARACNE accepts generic text descriptions of goals, connects via SSH, and recursively re-plans, executes, and evaluates attacks until objectives are achieved. Examine the detailed architecture design that ensures stability without database support and delivers low variability in results. Review comprehensive evaluations against state-of-the-art challenges including Over The Wire Bandit CTF and the first-ever testing against an LLM-based autonomous shell honeypot (ShelLM). Analyze performance metrics showing 63.63% success rate against CTF challenges and 60% success rate against ShelLM, with solutions typically requiring fewer than five commands. Explore ARACNE's versatile attack capabilities spanning reconnaissance, asset mapping, service exploitation, script creation, lateral movement, privilege escalation, persistence, and even ransomware-type attacks. Gain insights into the framework's key contributions including its modular multi-agent architecture, real-time evaluation and re-planning capabilities, jailbreaking techniques for generic attack descriptions, and public availability for community testing.
