Thomas Heverin

Leveraging AI to Elevate Penetration Testing: Enhancing Discovery, Reporting, and Tool Development


At Girls Learn Cyber (GLC), LLC, we've been integrating AI into all our ethical hacking projects, which has led to numerous successes. Based on our experiences, we've developed three key tips to enhance your ethical hacking efforts and maximize the potential of AI in your work.


AI-Driven Tips to Boost Your Ethical Hacking Success


  1. Leveraging AI for Enhanced Vulnerability Discovery. AI can be an invaluable asset in understanding unique devices, systems, protocols, and services encountered in ethical hacking engagements. For example, during our vulnerability disclosure program (VDP) work, we discovered Lantronix XPort devices being used at a government agency. While reviewing the product page provided some context, it was asking ChatGPT to explain the device's purpose and its potential value to hackers that truly highlighted its importance. This insight led us to prioritize further investigation into XPort devices, ultimately saving time and resources by focusing on high-value targets.

  2. Using AI to Aid in Vulnerability Reporting. We have found that AI significantly accelerates the process of producing vulnerability reports. By providing specific information about the devices we identify with vulnerabilities, as well as the type of entity using the device, AI can rapidly generate structured reports. It automatically formulates recommendations, organizes the content, and offers concise summaries, all of which can be easily edited before submission. This not only streamlines our reporting process but also enhances the quality and clarity of our final submissions, including submissions that earned us spots on Drexel University's Bug Bounty Hall of Fame.

  3. Developing Your Own Penetration Testing Tools. When we encounter unique ports and services used by a target organization, we have successfully utilized AI to generate Python-based hacking modules that can be executed directly online. These custom modules, similar to Metasploit modules, prompt users for necessary inputs—such as IP addresses, hostnames, usernames, and passwords—and then run the tests on designated targets. This approach has proven highly effective, leading to significant success in our engagements and even resulting in the creation of a Ricoh printer exploit, which we later authored and published on ExploitDB.

