Enregistré dans:
Détails bibliographiques
Auteurs principaux: Conde, Pedro, Branquinho, Henrique, Mazzone, Valerio, Mendes, Bruno, Baptista, André, Moniz, Nuno
Format: Preprint
Publié: 2026
Sujets:
Accès en ligne:https://arxiv.org/abs/2605.10834
Tags: Ajouter un tag
Pas de tags, Soyez le premier à ajouter un tag!
_version_ 1866916001245822976
author Conde, Pedro
Branquinho, Henrique
Mazzone, Valerio
Mendes, Bruno
Baptista, André
Moniz, Nuno
author_facet Conde, Pedro
Branquinho, Henrique
Mazzone, Valerio
Mendes, Bruno
Baptista, André
Moniz, Nuno
contents AI pentesting agents are increasingly credible as offensive security systems, but current benchmarks still provide limited guidance on which will perform best in real-world targets. Existing evaluation protocols assess and optimize for predefined goals such as capture-the-flag, remote code execution, exploit reproduction, or trajectory similarity, in simplified or narrow settings. These tools are valuable for measuring bounded capabilities, yet they do not adequately capture the complexity, open-ended exploration, and strategic decision-making required in realistic pentesting. In this paper, we present a practical evaluation protocol that shifts assessment from task completion to validated vulnerability discovery, allowing evaluation in sufficiently complex targets spanning multiple attack surfaces and vulnerability classes. The protocol combines structured ground-truth with LLM-based semantic matching to identify vulnerabilities, bipartite resolution to score findings under realistic ambiguity, continuous ground-truth maintenance, repeated and cumulative evaluation of stochastic agents, efficiency metrics, and reduced-suite selection for sustainable experimentation. This protocol extends the state of the art by enabling a more realistic, operationally informative comparison of AI pentesting agents. To enable reproducibility, we also release expert-annotated ground truth and code for the proposed evaluation protocol: https://github.com/jd0965199-oss/ethibench.
format Preprint
id arxiv_https___arxiv_org_abs_2605_10834
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle From Controlled to the Wild: Evaluation of Pentesting Agents for the Real-World
Conde, Pedro
Branquinho, Henrique
Mazzone, Valerio
Mendes, Bruno
Baptista, André
Moniz, Nuno
Artificial Intelligence
Cryptography and Security
AI pentesting agents are increasingly credible as offensive security systems, but current benchmarks still provide limited guidance on which will perform best in real-world targets. Existing evaluation protocols assess and optimize for predefined goals such as capture-the-flag, remote code execution, exploit reproduction, or trajectory similarity, in simplified or narrow settings. These tools are valuable for measuring bounded capabilities, yet they do not adequately capture the complexity, open-ended exploration, and strategic decision-making required in realistic pentesting. In this paper, we present a practical evaluation protocol that shifts assessment from task completion to validated vulnerability discovery, allowing evaluation in sufficiently complex targets spanning multiple attack surfaces and vulnerability classes. The protocol combines structured ground-truth with LLM-based semantic matching to identify vulnerabilities, bipartite resolution to score findings under realistic ambiguity, continuous ground-truth maintenance, repeated and cumulative evaluation of stochastic agents, efficiency metrics, and reduced-suite selection for sustainable experimentation. This protocol extends the state of the art by enabling a more realistic, operationally informative comparison of AI pentesting agents. To enable reproducibility, we also release expert-annotated ground truth and code for the proposed evaluation protocol: https://github.com/jd0965199-oss/ethibench.
title From Controlled to the Wild: Evaluation of Pentesting Agents for the Real-World
topic Artificial Intelligence
Cryptography and Security
url https://arxiv.org/abs/2605.10834