This technical report investigates the integration of generative AI (GenAI), specifically ChatGPT, into the practice of ethical hacking through a comprehensive experimental study and conceptual analysis. Conducted in a controlled virtual environment, the study evaluates GenAI's effectiveness across the key stages of penetration testing on Linux-based target machines operating within a virtual local area network (LAN), including reconnaissance, scanning and enumeration, gaining access, maintaining access, and covering tracks. The findings confirm that GenAI can significantly enhance and streamline the ethical hacking process while underscoring the importance of balanced human-AI collaboration rather than the complete replacement of human input. The report also critically examines potential risks such as misuse, data biases, hallucination, and over-reliance on AI. This research contributes to the ongoing discussion on the ethical use of AI in cybersecurity and highlights the need for continued innovation to strengthen security defences.