Pentesting LLM Models With an Automated Framework.
Saved in:
| Title: | Pentesting LLM Models With an Automated Framework. |
|---|---|
| Authors: | López-Delgado, Juan Luis1 (AUTHOR), López-Ramos, Juan Antonio1 (AUTHOR) jlopez@ual.es, Murray, Richard1 (AUTHOR) rmurray@wiley.com |
| Source: | International Journal of Intelligent Systems. 5/28/2026, Vol. 2026, p1-18. 18p. |
| Subjects: | Penetration testing (Computer security), Prompt engineering, Language models, Internet security, Generative pre-trained transformers |
| Abstract: | Artificial intelligence (AI) has become an essential tool in modern cybersecurity, enabling faster and more accurate detection, prevention, and response to threats. Within this landscape, large language models (LLMs) have emerged as versatile systems capable of generating code, providing technical guidance, and automating complex tasks. However, LLMs also introduce new security challenges, as they can be manipulated through prompt engineering and jailbreaking to perform malicious actions, potentially lowering the barrier for cyberattacks. This article investigates the risks and opportunities of LLMs using penetration testing, both as tools for ethical hacking and as potential targets themselves. We present an automatic framework that mutates prompts to test for jailbreak vulnerabilities across multiple LLM models, including GPT‐3.5 turbo, GPT‐4.1, and GPT‐5.0. Our experiments demonstrate how mutated prompts can generate concrete attack scenarios and reveal differences in how various models respond to malicious inputs. By analyzing the effectiveness and limitations of these techniques, this work contributes to a deeper understanding of LLM security, providing insights for both offensive and defensive applications in AI‐driven cybersecurity. [ABSTRACT FROM AUTHOR] |
| Copyright of International Journal of Intelligent Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) | |
| Database: | Engineering Source |
|
Full text is not displayed to guests.
Login for full access.
|
|
| Abstract: | Artificial intelligence (AI) has become an essential tool in modern cybersecurity, enabling faster and more accurate detection, prevention, and response to threats. Within this landscape, large language models (LLMs) have emerged as versatile systems capable of generating code, providing technical guidance, and automating complex tasks. However, LLMs also introduce new security challenges, as they can be manipulated through prompt engineering and jailbreaking to perform malicious actions, potentially lowering the barrier for cyberattacks. This article investigates the risks and opportunities of LLMs using penetration testing, both as tools for ethical hacking and as potential targets themselves. We present an automatic framework that mutates prompts to test for jailbreak vulnerabilities across multiple LLM models, including GPT‐3.5 turbo, GPT‐4.1, and GPT‐5.0. Our experiments demonstrate how mutated prompts can generate concrete attack scenarios and reveal differences in how various models respond to malicious inputs. By analyzing the effectiveness and limitations of these techniques, this work contributes to a deeper understanding of LLM security, providing insights for both offensive and defensive applications in AI‐driven cybersecurity. [ABSTRACT FROM AUTHOR] |
|---|---|
| ISSN: | 08848173 |
| DOI: | 10.1155/int/9698691 |