A Red Team automated testing modeling and online planning method for post-penetration

Abstract

Post-penetration red team automation testing effectively addresses the pain points of traditional manual red teams, including manpower, time costs, and the high level of professional knowledge required, thereby improving the efficiency and effectiveness of red team penetration testing. However, introducing automation technology into the red team testing domain still faces numerous technical challenges. These challenges include accurately simulating real attack environments, coordinating complex attack actions, and effectively resolving uncertainties during the attack process. These challenges remain critical issues that require urgent solutions. In this context, we propose a post-penetration-oriented automated red team penetration test modeling and planning approach. The objective of this approach is to automatically generate attack paths, coordinate attack behaviors, and adjust attack behaviors based on feedback, enabling attacks on real target networks through corresponding operations. We conducted analysis and performance testing on our solution, comparing it with other available planners. Our experimental results demonstrate the effectiveness of the proposed planner in achieving automated penetration testing. Compared to other available planners, ours can generate valid attack paths more quickly and exhibits excellent performance in planning effectiveness and quality. Furthermore, our planner possesses wide applicability across various penetration testing scenarios.