Web Penetration Testing Using Collaborative Multi-Agents and Integrated Reporting

Web Penetration Testing Using Collaborative Multi-Agents and Integrated Reporting

연구 분야: Strategies

학회: 2025 International Conference on Advancement in Data Science, E-learning and Information System (ICADEIS)

The accelerated emergence of cyber threats under-scores the need for robust web application security measures. Traditional penetration testing often proves inadequate in addressing modern attack vectors due to its static nature and limited adaptability. This study presents a collaborative multi-agent penetration testing framework designed to improve vulnerability detection through automation and information sharing. The framework integrates OWASP ZAP, Nikto, and Wapiti with the ELK stack to simulate sophisticated attack scenarios, collect real-time security intelligence, and generate actionable reports. It also uses deep reinforcement learning to dynamically adapt testing strategies based on evolving threats, enabling continuous improvement in detection efficiency. Exper-imental evaluation of OWASP Juice Shop and DVWA revealed 41 vulnerabilities, with 26 (63.41%) in Juice Shop and 15 (36.59%) in DVWA, primarily identified by OWASP ZAP. The results demonstrate a significant improvement over traditional methods in both detection accuracy and reporting effectiveness. This research highlights the potential of intelligent and coordinated testing to strengthen web application security, paving the way for future advancements in autonomous cybersecurity solutions.