Sunday, May 4, 2025
HomeCyber AIChatGPT Reconnaissance Techniques for Penetration Testing Success

ChatGPT Reconnaissance Techniques for Penetration Testing Success

Published on

SIEM as a Service

Follow Us on Google News

ChatGPT is one of the biggest and most sophisticated language models ever made, with a massive neural network of over 175 billion parameters.

Recent research has revealed how ChatGPT for penetration testing can enable testers to achieve greater success.

ChatGPT was launched by OpenAI in November 2022, causing significant disruption in the AI/ML community.

- Advertisement - Google News

Sophisticated email attacks are on the rise, thanks to threat actors leveraging the power of Artificial Intelligence.

However, researchers are staying one step ahead by utilizing ChatGPT for threat analysis and penetration testing.

A recently published research paper by Sheetal Tamara from the University of the Cumberlands highlights the effective use of ChatGPT in Reconnaissance.

Recently an automated penetration testing tool PentestGPT released;

https://gbhackers.com/pentestgpt

ChatGPT For Penetration Testing

The ChatGPT can be used in the initial reconnaissance phase, where the penetration tester is collection detailed data about the scope of assessment.

With the help of ChatGPT, pen-testers able to obtain reconnaissance data such as Internet Protocol (IP) address ranges, domain names, network topology, vendor technologies, SSL/TLS ciphers, ports & services, and operating systems.

This research highlights how artificial intelligence language models can be used in cybersecurity and contributes to advancing penetration testing techniques.

Pentesters can obtain the organization’s IP address using the prompt (“What IP address range related information do you have on [insert organization name here] in your knowledge base?”).

This prompt would deliver the possible IP addresses used by the organization.

“What type of domain name information can you gather on [insert target website here]?”

ChatGPT could provide the list of domain names used by the organization, such as primary domains, subdomains, other domains, international domains, generic top-level domains (gTLDs), and subsidiary domains.

“What vendor technologies does [insert target website fqdn here] make use of on its website?”

Answering this question, ChatGPT will provide various technologies, such as content delivery networks (CDNs), web servers, advertising engines, analytics engines, customer relationship management (CRM), and other technologies organizations use.

“Provide a comprehensive list of SSL ciphers based on your research used by [insert target website fqdn] in pursuant to your large corpus of text data present in your knowledge base.”

ChatGPT could provide the ciphers, SSL/TLS versions, and types of TLS certificates used, also, with this question, ChatGPT above to check the encryption standard used.

“Please list the partner websites including FQDN based on your research that [insert target website here] has direct links to according to your knowledge base.”

In response to the question, ChatGPT is able to provide a list of partner websites that are directly linked.

“Provide a vendor technology stack based on your research that is used by [insert organization name here].“

This prompt would extract the include application server type, database type, operating systems, big data technologies, logging and monitoring software, and other infrastructure-related information specific to the organization.

“Provide a list of network protocols related information that is available on [insert organization name here].”

ChatGPT will return a list of network protocols the target organization uses, including HTTPS, SMTP, NTP, SSH, SNMP, and others.

The research determined that “ChatGPT has the ability to provide valuable insight into the deployment of the target organization’s technology stack as well as specific information about web applications deployed by the target organization,” reads the paper published.

“The research performed on ChatGPT required trial and error in the prompting as certain requests can either be outright rejected or may result in responses that do not contain usable data for the reconnaissance phase of a penetration test.”

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting...

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the...

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool...

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

XDR, MDR, And EDR: Enhancing Your Penetration Testing Process With Advanced Threat Detection

In the ever-evolving world of cybersecurity, organizations must continuously adapt their defense strategies to...

Frida Penetration Testing Toolkit Updated with Advanced Threat Monitoring APIs

In a significant update to the popular dynamic instrumentation toolkit Frida, developers have introduced...

Top 10 Best Penetration Testing Companies in 2025

Penetration testing companies play a vital role in strengthening the cybersecurity defenses of organizations...