Application of Neural Networks for Selecting Tools for Penetration Testing
Abstract
Purpose. To develop a method for the automated selection of penetration testing tools for web applications using neural networks.
Method. Construction of a feedforward neural network trained with the backpropagation algorithm using expert and user data represented as a matrix of tool characteristics. Implementation of the model through a web service using the LAMP stack and the FANN library.
Findings. A web application was developed that allows users to specify criteria for testing tools, and the system provides appropriate recommendations. The trained neural network demonstrates effectiveness in selecting utilities based on input vectors, confirmed by experiments with Acunetix, Nessus, and Nexpose. The system incorporates both expert data and user feedback, ensuring its dynamic adaptation.
Theoretical implications. The study substantiates the effectiveness of neural networks for the automated selection of tools in cybersecurity, paving the way for new approaches to integrating machine learning into penetration testing processes.
Practical implications. The developed web service can be used as an auxiliary tool by security testers, especially beginners, for fast and justified selection of testing tools.
Value. The study shows that the application of neural networks increases the efficiency of tool selection and simplifies decision-making during web application testing.
Future research. Improving the model architecture, explainability of neural network decisions, scaling the system to larger datasets, and expanding the toolset.
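The approach summarized under Method and Findings, as an added example that is not the authors' code: a small feedforward network trained with backpropagation in plain Python (standing in for the FANN library the paper uses) that maps a criteria vector to one of the tools named in the abstract and is retrained when user feedback is appended. The criteria columns, matrix rows, feedback row and all function names are constructed assumptions, not real product ratings or data from the study.

```python
import math
import random

# Constructed criteria columns and rows (assumptions, not real product ratings).
CRITERIA = ["web_app_scan", "network_scan", "authenticated", "compliance_report"]
TOOLS = ["Acunetix", "Nessus", "Nexpose"]  # tool names taken from the abstract
EXPERT_ROWS = [([1, 0, 1, 0], 0), ([0, 1, 1, 0], 1), ([0, 1, 0, 1], 2)]
FEEDBACK_ROWS = [([1, 0, 0, 1], 0)]  # constructed user feedback: (criteria, tool index)

def sigmoid(x):
    return 1.0 / (1.0 + math.exp(-x))

class Net:
    def __init__(self, n_in, n_hid, n_out, seed=7):
        rnd = random.Random(seed)
        # Each weight row carries a trailing bias weight.
        self.w1 = [[rnd.uniform(-0.5, 0.5) for _ in range(n_in + 1)] for _ in range(n_hid)]
        self.w2 = [[rnd.uniform(-0.5, 0.5) for _ in range(n_hid + 1)] for _ in range(n_out)]

    def forward(self, x):
        h = [sigmoid(sum(w * v for w, v in zip(row, x + [1.0]))) for row in self.w1]
        o = [sigmoid(sum(w * v for w, v in zip(row, h + [1.0]))) for row in self.w2]
        return h, o

    def train(self, rows, epochs=3000, lr=0.5):
        for _ in range(epochs):
            for x, label in rows:
                h, o = self.forward(x)
                target = [1.0 if k == label else 0.0 for k in range(len(o))]
                # Backpropagated deltas for squared error with sigmoid units.
                d_out = [(o[k] - target[k]) * o[k] * (1 - o[k]) for k in range(len(o))]
                d_hid = [h[j] * (1 - h[j]) * sum(d_out[k] * self.w2[k][j] for k in range(len(o)))
                         for j in range(len(h))]
                for k, row in enumerate(self.w2):
                    for j, v in enumerate(h + [1.0]):
                        row[j] -= lr * d_out[k] * v
                for j, row in enumerate(self.w1):
                    for i, v in enumerate(x + [1.0]):
                        row[i] -= lr * d_hid[j] * v

def build(rows, hidden=4):
    net = Net(len(CRITERIA), hidden, len(TOOLS))
    net.train(rows)
    return net

def recommend(net, criteria):
    # Returns the highest-scoring tool and the raw output vector.
    _, scores = net.forward(list(criteria))
    return TOOLS[scores.index(max(scores))], scores
```

Calling `build(EXPERT_ROWS + FEEDBACK_ROWS)` retrains from scratch on the combined matrix, which is the simplest way to fold feedback in; the abstract does not say how the authors' service does it.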
Copyright (c) 2025 Andriian Piskozub, Anastasiia Zhuravchak, Danyil Zhuravchak, Yurii Zhuravchak, Igor Beliaiev

This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors agree with the following conditions:
1. Authors retain copyright and grant the journal right of first publication (Download agreement) with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
2. Authors have the right to enter into separate additional agreements for the non-exclusive distribution of the journal’s published version of the work (for example, to post the work in the electronic repository of the institution or to publish it as part of a monograph), with reference to the first publication of the work in this journal.
3. The journal’s policy allows and encourages authors to post the manuscript of the work on the Internet (for example, in the repositories of institutions, personal websites, SSRN, ResearchGate, MPRA, SSOAR, etc.) before and during its review by this journal, because this can lead to a productive research discussion and positively affect the efficiency and dynamics of citing the published work (see The Effect of Open Access).