Pentesting LLM Models With an Automated Framework.

Saved in:
Bibliographic Details
Title: Pentesting LLM Models With an Automated Framework.
Authors: López-Delgado, Juan Luis1 (AUTHOR), López-Ramos, Juan Antonio1 (AUTHOR) jlopez@ual.es, Murray, Richard1 (AUTHOR) rmurray@wiley.com
Source: International Journal of Intelligent Systems. 5/28/2026, Vol. 2026, p1-18. 18p.
Subjects: Penetration testing (Computer security), Prompt engineering, Language models, Internet security, Generative pre-trained transformers
Abstract: Artificial intelligence (AI) has become an essential tool in modern cybersecurity, enabling faster and more accurate detection, prevention, and response to threats. Within this landscape, large language models (LLMs) have emerged as versatile systems capable of generating code, providing technical guidance, and automating complex tasks. However, LLMs also introduce new security challenges, as they can be manipulated through prompt engineering and jailbreaking to perform malicious actions, potentially lowering the barrier for cyberattacks. This article investigates the risks and opportunities of LLMs using penetration testing, both as tools for ethical hacking and as potential targets themselves. We present an automatic framework that mutates prompts to test for jailbreak vulnerabilities across multiple LLM models, including GPT‐3.5 turbo, GPT‐4.1, and GPT‐5.0. Our experiments demonstrate how mutated prompts can generate concrete attack scenarios and reveal differences in how various models respond to malicious inputs. By analyzing the effectiveness and limitations of these techniques, this work contributes to a deeper understanding of LLM security, providing insights for both offensive and defensive applications in AI‐driven cybersecurity. [ABSTRACT FROM AUTHOR]
Copyright of International Journal of Intelligent Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Full text is not displayed to guests.
FullText Links:
  – Type: pdflink
Text:
  Availability: 1
Header DbId: egs
DbLabel: Engineering Source
An: 194136410
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Pentesting LLM Models With an Automated Framework.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22López-Delgado%2C+Juan+Luis%22">López-Delgado, Juan Luis</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22López-Ramos%2C+Juan+Antonio%22">López-Ramos, Juan Antonio</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> jlopez@ual.es</i><br /><searchLink fieldCode="AR" term="%22Murray%2C+Richard%22">Murray, Richard</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> rmurray@wiley.com</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22International+Journal+of+Intelligent+Systems%22">International Journal of Intelligent Systems</searchLink>. 5/28/2026, Vol. 2026, p1-18. 18p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Penetration+testing+%28Computer+security%29%22">Penetration testing (Computer security)</searchLink><br /><searchLink fieldCode="DE" term="%22Prompt+engineering%22">Prompt engineering</searchLink><br /><searchLink fieldCode="DE" term="%22Language+models%22">Language models</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+security%22">Internet security</searchLink><br /><searchLink fieldCode="DE" term="%22Generative+pre-trained+transformers%22">Generative pre-trained transformers</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Artificial intelligence (AI) has become an essential tool in modern cybersecurity, enabling faster and more accurate detection, prevention, and response to threats. Within this landscape, large language models (LLMs) have emerged as versatile systems capable of generating code, providing technical guidance, and automating complex tasks. However, LLMs also introduce new security challenges, as they can be manipulated through prompt engineering and jailbreaking to perform malicious actions, potentially lowering the barrier for cyberattacks. This article investigates the risks and opportunities of LLMs using penetration testing, both as tools for ethical hacking and as potential targets themselves. We present an automatic framework that mutates prompts to test for jailbreak vulnerabilities across multiple LLM models, including GPT‐3.5 turbo, GPT‐4.1, and GPT‐5.0. Our experiments demonstrate how mutated prompts can generate concrete attack scenarios and reveal differences in how various models respond to malicious inputs. By analyzing the effectiveness and limitations of these techniques, this work contributes to a deeper understanding of LLM security, providing insights for both offensive and defensive applications in AI‐driven cybersecurity. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of International Journal of Intelligent Systems is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=194136410
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1155/int/9698691
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 18
        StartPage: 1
    Subjects:
      – SubjectFull: Penetration testing (Computer security)
        Type: general
      – SubjectFull: Prompt engineering
        Type: general
      – SubjectFull: Language models
        Type: general
      – SubjectFull: Internet security
        Type: general
      – SubjectFull: Generative pre-trained transformers
        Type: general
    Titles:
      – TitleFull: Pentesting LLM Models With an Automated Framework.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: López-Delgado, Juan Luis
      – PersonEntity:
          Name:
            NameFull: López-Ramos, Juan Antonio
      – PersonEntity:
          Name:
            NameFull: Murray, Richard
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 28
              M: 05
              Text: 5/28/2026
              Type: published
              Y: 2026
          Identifiers:
            – Type: issn-print
              Value: 08848173
          Numbering:
            – Type: volume
              Value: 2026
          Titles:
            – TitleFull: International Journal of Intelligent Systems
              Type: main
ResultId 1