{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,4]],"date-time":"2025-12-04T07:58:28Z","timestamp":1764835108163,"version":"3.46.0"},"reference-count":29,"publisher":"IEEE","license":[{"start":{"date-parts":[[2025,8,26]],"date-time":"2025-08-26T00:00:00Z","timestamp":1756166400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,8,26]],"date-time":"2025-08-26T00:00:00Z","timestamp":1756166400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100002914","name":"Concordia University","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100002914","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,8,26]]},"DOI":"10.1109\/pst65910.2025.11268838","type":"proceedings-article","created":{"date-parts":[[2025,12,3]],"date-time":"2025-12-03T18:40:04Z","timestamp":1764787204000},"page":"1-8","source":"Crossref","is-referenced-by-count":0,"title":["RefPentester: A Knowledge-Informed Self-Reflective Penetration Testing Framework Based on Large Language Models"],"prefix":"10.1109","author":[{"given":"Hanzheng","family":"Dai","sequence":"first","affiliation":[{"name":"Concordia Institute for Information Systems Engineering (CIISE), Concordia University,Montr´eal,Canada"}]},{"given":"Yuanliang","family":"Li","sequence":"additional","affiliation":[{"name":"Concordia Institute for Information Systems Engineering (CIISE), Concordia University,Montr´eal,Canada"}]},{"given":"Jun","family":"Yan","sequence":"additional","affiliation":[{"name":"Concordia Institute for Information Systems Engineering (CIISE), Concordia University,Montr´eal,Canada"}]},{"given":"Zhibo","family":"Zhang","sequence":"additional","affiliation":[{"name":"Polytechnique Montr´eal,Montr´eal,Canada"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.4324\/9781315145891"},{"key":"ref2","article-title":"Penetration testing execution standard main page"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/LISAT.2016.7494156"},{"volume-title":"Metasploit: the penetration tester\u2019s guide.","year":"2011","author":"Kennedy","key":"ref4"},{"key":"ref5","first-page":"47","article-title":"\u201cOpenvas,\u201d Quick Start Guide to Penetration Testing: With NMAP","author":"Rahalkar","year":"2019","journal-title":"OpenVAS and Metasploit"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103358"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2019.02.022"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-27645-3"},{"issue":"2","key":"ref9","article-title":"A survey of large language models","volume":"1","author":"Zhao","year":"2023","journal-title":"arXiv preprint arXiv:2303.18223"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA61862.2024.00258"},{"key":"ref11","first-page":"9459","article-title":"Retrievalaugmented generation for knowledge-intensive nlp tasks","volume":"33","author":"Lewis","year":"2020","journal-title":"Advances in neural information processing systems"},{"key":"ref12","article-title":"Reflexion: Language agents with verbal reinforcement learning","volume":"36","author":"Shinn","year":"2024","journal-title":"Advances in Neural Information Processing Systems"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.3390\/info11010006"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW51379.2020.00010"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN60899.2024.10650368"},{"key":"ref16","first-page":"847","article-title":"{PentestGPT}: Evaluating and harnessing large language models for automated penetration testing","volume-title":"33rd USENIX Security Symposium (USENIX Security 24)","author":"Deng"},{"key":"ref17","article-title":"Autoattacker: A large language model guided system to implement automatic cyber-attacks","author":"Xu","year":"2024","journal-title":"arXiv preprint arXiv:2403.01038"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/3571730"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.48550\/ARXIV.1706.03762"},{"key":"ref20","article-title":"Concrete problems in ai safety","author":"Amodei","year":"2016","journal-title":"arXiv preprint arXiv:1606.06565"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.25"},{"key":"ref22","article-title":"Mitigating training imbalance in 11 m fine-tuning via selective parameter merging","author":"Ju","year":"2024","journal-title":"arXiv preprint arXiv:2410.03743"},{"volume-title":"Mitre att&ck\u00ae matrix","key":"ref23"},{"key":"ref24","article-title":"Owasp testing guide"},{"key":"ref25","article-title":"Active machines list"},{"volume-title":"Openvpn website","key":"ref26"},{"key":"ref27","article-title":"Introduction to pwnbox - hack the box help articles"},{"key":"ref28","article-title":"Hello gpt-4o"},{"volume-title":"llama-text-embed-v2 nvidia","key":"ref29"}],"event":{"name":"2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)","start":{"date-parts":[[2025,8,26]]},"location":"Fredericton, NB, Canada","end":{"date-parts":[[2025,8,28]]}},"container-title":["2025 22nd Annual International Conference on Privacy, Security, and Trust (PST)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/11268482\/11268814\/11268838.pdf?arnumber=11268838","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,4]],"date-time":"2025-12-04T07:55:07Z","timestamp":1764834907000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11268838\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,26]]},"references-count":29,"URL":"https:\/\/doi.org\/10.1109\/pst65910.2025.11268838","relation":{},"subject":[],"published":{"date-parts":[[2025,8,26]]}}}