: It serves as a tool for cybersecurity education , allowing students to study offensive tactics in a controlled, AI-driven environment. ⚖️ Challenges and Ethical Considerations

A simulated mode used for education where no actual attack is conducted. It allows users to study optimal attack paths based on a described network topology. Real Attack Mode:

while not done: action = agent.act(obs) obs, reward, done, _ = env.step(action) rewards += reward

| Method | Success Rate (%) | Avg. Steps | Time (min) | Coverage (%) | |-------------------|-----------------|------------|------------|--------------| | Random | 12.3 | 147 | 28.4 | 34.1 | | Metasploit Autopwn| 45.6 | 62 | 12.3 | 58.7 | | Q-learning | 52.1 | 58 | 11.8 | 63.2 | | OpenVAS + Manual | 78.4 | N/A | 89.0 | 81.5 | | | 91.7 | 33 | 7.4 | 92.3 |

: Purely theoretical; predicts attack paths without touching real systems.

[5] Open Vulnerability Assessment System (OpenVAS), “Greenbone Vulnerability Management,” 2023.