WiFiPenTester: Advancing Wireless Ethical Hacking with Governed GenAI
Haitham S. Al-Sinani, Chris J. Mitchell
TL;DR
WiFiPenTester introduces a governance-first framework that integrates GenAI reasoning into reconnaissance and decision-support for IEEE 802.11 wireless PenTesting while enforcing strict human-in-the-loop control and budget-aware execution. The approach leverages structured prompts, deterministic JSON outputs, protocol-aware validation, and evidence-centric logging to balance AI-assisted insight with auditability and safety. A PoC on commodity hardware demonstrates improved target prioritization and assessment efficiency, while highlighting practical limitations such as prompt sensitivity, environmental dynamics, and WPA3-SAE coverage. The work establishes a principled foundation for safe, scalable, and reproducible GenAI-assisted wireless security testing and identifies concrete directions for future enhancement.
Abstract
Wireless ethical hacking relies heavily on skilled practitioners manually interpreting reconnaissance results and executing complex, time-sensitive sequences of commands to identify vulnerable targets, capture authentication handshakes, and assess password resilience; a process that is inherently labour-intensive, difficult to scale, and prone to subjective judgement and human error. To help address these limitations, we propose WiFiPenTester, an experimental, governed, and reproducible system for GenAI-enabled wireless ethical hacking. The system integrates large language models into the reconnaissance and decision-support phases of wireless security assessment, enabling intelligent target ranking, attack feasibility estimation, and strategy recommendation, while preserving strict human-in-the-loop control and budget-aware execution. We describe the system architecture, threat model, governance mechanisms, and prompt-engineering methodology, and empirical experiments conducted across multiple wireless environments. The results demonstrate that GenAI assistance improves target selection accuracy and overall assessment efficiency, while maintaining auditability and ethical safeguards. This indicates that WiFiPenTester is a meaningful step toward practical, safe, and scalable GenAI-assisted wireless penetration testing, while reinforcing the necessity of bounded autonomy, human oversight, and rigorous governance mechanisms when deploying GenAI in ethical hacking.
