arXiv

FORGE: Multi-Agent Graduated Exploitation and Detection Engineering

Abstract:

The current volume of vulnerability disclosures vastly outpaces the ability of organizations to assess them effectively. Meanwhile, three distinct research domains—proof-of-concept generation, vulnerability prioritization, and detection rule engineering—largely function in isolation. Traditional automated exploit generation tools typically deliver only binary success or failure results, thereby discarding any partial progress and offering no valuable data to the other two communities. To address this fragmentation, this study introduces FORGE, a multi-agent framework that connects these silos by implementing graduated exploitation depth.

The system utilizes five specialized agents—Intel, Generator, Planner, Exploit, and Detector—operating within a fixed pipeline. This workflow first creates targeted vulnerable applications based on CVE metadata. It then performs coached, multi-turn exploitation, which is evaluated by an LLM-primary oracle using a four-level taxonomy ranging from L0 (no evidence) to L3 (full compromise). Finally, the system generates Sigma and Snort detection rules derived from OpenTelemetry exploitation traces.

Graduated depth serves as the critical bridge between these fields. Deeper levels of exploitation provide richer behavioral traces for detection engineering, while the depth data across various scoring bands establishes ground truth for validating prioritization strategies. Furthermore, a tiered knowledge architecture accumulates intelligence throughout the assessment process, transferring both build and exploitation experience to future CVE evaluations.

In evaluations involving 603 CVEs from the CVE-GENIE dataset, FORGE achieved an end-to-end L1+ exploitation rate of 67.8% at a cost of USD 1.50 per CVE. The system operated across eight programming languages and 187 CWE types. Notably, exploitation rates remained consistent at approximately 68%, irrespective of the EPSS or CVSS band. This consistency suggests that pattern-level reachability is independent of metadata-based prioritization methods.

Regarding detection efficacy, rules derived from L2+ exploitation demonstrated significantly higher span-normalized grounding compared to those from L1 (p=0.035). Additionally, 93.4% of the generated Snort rules resulted in zero false positives when tested against a synthetic benign corpus.


Source: arXiv
Generated at: 2026-06-03 00:00:00 UTC
