Hi everyone,

I'm a engineer student in Cybersecurity, currently preparing my final year project, and I'm looking for a research/project idea related to Web Security in a Red Team / Pentesting context.

Initially, I proposed a project about automating the pentesting methodology using AI, but it was rejected because similar solutions already exist. So now I'm trying to find something more innovative and research-oriented.

I'm particularly interested in topics such as:

• Web application penetration testing

• Red Team techniques against modern web architectures

• AI-assisted offensive security

• Detection and exploitation of complex web vulnerabilities

• Automation of attack chains

Ideally, the project would:

• Focus on web security

• Have a Red Team / offensive security angle

• Possibly integrate AI/ML in a meaningful way

• Be novel enough for an academic research project

Examples of things I’m curious about (but not limited to):

• AI-assisted vulnerability discovery in web apps

• Automated chaining of web vulnerabilities to simulate real attack paths

• LLMs assisting Red Teamers during web pentests

• Attacking or bypassing AI-based web security defenses

If you have:

• Project ideas

• Research directions

• Papers or recent topics in this area

• Suggestions based on real pentest experience

I would really appreciate your input.

Thanks in advance!