Abstract
This project explores how reinforcement learning can be used to automate exploitation of SQL injection vulnerabilities. The first objective is modelling SQL injection as a reinforcement learning problem and to train a reinforcement learning agent to effectively exploit a SQL injection vulnerability. The second objective is to use a realistic environment for applying the experiments. The environment is modelled as capture the flag-challenges where the attacker has to exploit SQL injection vulnerabilities and find flags to be successful. The results are measured by how many episodes that end in successful exploitation, how many steps that are used for exploitation, and how many episodes that are necessary to learn an effective policy. The reinforcement learning agent was successful in simple challenges, but struggled when the challenges became more complex. The CTF environment created a more realistic approach than former comparative studies, but was rather complex, and did not scale well when many training episodes were necessary. This research aims at contributing to the research of machine learning usage in the offensive security domain. The results can contribute to understanding the possibilities and limitations of using machine learning for ethical hacking purposes.