
So I was thinking recently... with Google (amongst others, of course) themselves pushing towards AI applications, it seems to me that many of these less-advanced* bounty hunts might perhaps be able to be automated with a fuzzer+scraper+AI based approach. The fact that bug bounties are still being awarded does suggest that this is not that trivial, however, but might still be fun to explore nonetheless. I.e. can one train an agent that goes off and tries this sort of thing autonomously? Might be fun to translate the HTTP intrusion domain into a deep learning architecture.

Similar things are being applied on the "defensive" side of things already anyway (i.e. Iranian, Turkish, Chinese firewall systems using machine learning to identify and block new patterns), so why not apply this on the offensive side.

*: Not to demean the author in any way; I understand that putting the time in to explore these things is easier said than done in hindsight.



I'm similarly surprised we haven't heard of an AI-augmented fuzzer that's been unleashed on random domains to just "try shit out." Seems like a good way to find weird little bugs. Then again, the scope of the "problem" is so massive, and the "rewards" (shit to flag as "yea check this out more") so vague, I don't even know how you'd begin.


If the good people don't do it soon, the bad people will...


Or the curious one. Just make a point&click version of such a vulnerability scanner and post it on Reddit; you'll have half of the Internet scanned in no time.


Not really, there are enough bad schemes that already work to bother with fancy technical exploits.


I think that exists! It's called a vulnerability scanner. Maybe they could be smarter.


Wouldn't those simply scan and try for already known vulnerabilities? I think the point of the AI would be to look for unknown ones.


It's called a fuzzer. Many of them have plugin frameworks where you can tensorflow your heart out.


Sure, people thought of it -- Google even sells it as a product, Cloud Security Scanner[1]. The internal version has been running on internal sites for a long time now.

[1] - https://cloud.google.com/security-scanner/


Very interesting. Does this really implement some intelligence/learning, however? Or is it just going over a list of known vulns like most scanners do?


It is an interesting subject to research but not easy. Finding and then exploiting a bug is art and science.

Augmenting fuzzing with AI is an interesting approach.



