Purpose – This study aims to design and evaluate a secure reconnaissance platform that integrates Large Language Model (LLM) agents for dynamic tool orchestration with a layered cryptographic protection pipeline to accelerate penetration-testing information gathering while protecting sensitive artefacts.
Design/methods/approach – The platform unifies Nmap, WHOIS, and theHarvester under an LLM controller that generates command-line parameters through schema-constrained orchestration. Each output is validated against a strict JSON schema before execution. The protection pipeline applies AES-256-GCM with envelope keys for confidentiality, HMAC-SHA256 hash chaining for tamper-evident logs, Ed25519 signatures for report-level non-repudiation, and Argon2id-derived session keys. Evaluation was conducted on three public domains across thirty runs each, measuring latency, cryptographic overhead, verification integrity, signature validation, and an internal CVSS-informed triage score.
Findings – The prototype showed that automated reconnaissance and cryptographic auditability can be combined with limited performance cost. A full pass over untan.ac.id completed in 14.97 seconds and produced an internal triage-heuristic score of 78/100. Cryptographic operations added 312 ms on average, equal to about 2.08% of total latency. All hash-chain links were verified, and Ed25519 signatures were validated in 71 µs.
Research implications/limitations – The findings support red-team and blue-team workflows requiring faster, auditable reconnaissance reporting. However, the evidence is limited to three public domains under one network condition; therefore, the results should be interpreted as feasibility evidence, not generalisable performance claims. The risk score is an internal prioritisation heuristic, not a validated severity instrument.
Originality/value – The study contributes a secure LLM-orchestrated reconnaissance framework that integrates structured command orchestration with cryptographic safeguards for confidentiality, integrity, and non-repudiation.
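The HMAC-SHA256 hash chaining named in the methods can be illustrated with a short added example. This is not the study's code: the record layout, the all-zero genesis value, the key and the `example.org` targets are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed anchor value for the first link


def _tag(key: bytes, prev: str, seq: int, event: dict) -> str:
    # Canonical JSON so the same record always serialises to the same bytes.
    body = json.dumps({"seq": seq, "prev": prev, "event": event},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def append(log: list, key: bytes, event: dict) -> None:
    """Append an event whose tag also covers the previous entry's tag."""
    prev = log[-1]["tag"] if log else GENESIS
    seq = len(log)
    log.append({"seq": seq, "prev": prev, "event": event,
                "tag": _tag(key, prev, seq, event)})


def verify(log: list, key: bytes) -> int:
    """Return -1 if every link verifies, else the index of the first bad entry."""
    prev = GENESIS
    for i, rec in enumerate(log):
        expected = _tag(key, prev, i, rec["event"])
        if (rec["seq"] != i or rec["prev"] != prev
                or not hmac.compare_digest(expected, rec["tag"])):
            return i
        prev = rec["tag"]
    return -1


def demo() -> dict:
    key = b"constructed-demo-key-not-a-real-secret"
    log = []
    for tool in ("whois", "nmap", "theHarvester"):
        append(log, key, {"tool": tool, "target": "example.org"})
    results = {"clean": verify(log, key)}
    edited = json.loads(json.dumps(log))               # deep copy of the log
    edited[1]["event"]["target"] = "example.net"       # in-place edit of entry 1
    results["edited"] = verify(edited, key)
    results["deleted"] = verify(log[:1] + log[2:], key)  # entry 1 removed
    results["truncated"] = verify(log[:2], key)          # last entry dropped
    return results


if __name__ == "__main__":
    print(demo())
```

The truncated case still verifies: a chain on its own does not reveal removal of trailing entries, so the final tag or entry count has to be recorded somewhere the log writer cannot alter.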
Copyrights © 2026