"...that thinks like a human."
It gets distracted by pr0n?
Bangalore hacker Rahul Sasi has built the beginnings of what he hopes will become a vulnerability scanner that thinks like a human. The ambitious project (PDF) is the work of Sasi and his team of six at security startup CloudSek, and is now going open source in hopes the security masses will help build the human-like …
Acunetix already does something similar.
No claims of machine learning or "thinking like a human" but give it the url of "a site randomly chosen" and the "tool can find and register for a legitimate account, and locate weak-looking profile editing pages."
That said, the more stuff like this there is the better.
"...and a direct object reference vulnerability in a food delivery app letting hackers score free pizza."
Ah nooooo! Not that one! Before you know it the free beer app is also not available anymore!
It is all a sugar tax kind of government conspiracy!
naive bays machine learning classifiers
"Naive Bayes classifiers", I think you'll find. "Bayes" is a proper name, and "Naive Bayes" and "Naive Bayes classifier" are terms of art. And in this context "machine learning" is redundant.
(And no, I'm not using the corrections link, as long as it's a mailto-scheme URL.)
Of course, just listing some vague references to families of ML algorithms is pretty much entirely uninformative. It tells us nothing about what varieties they're using, what they're using them for, or whether they're using them well. Naive Bayes, for example, can be pretty much useless as a classifier when misapplied. So can any technique, obviously, but NB is one of the particularly problematic ones (along with decision trees).
That said, for this application problematic techniques are probably still useful; low precision rates are generally fine for target determination in penetration testing, because the cost of a false positive is low there. It's much higher at later stages of pen-testing where humans get involved, so you want the subsequent layers to filter those errors well; but at the target-selection stage you're basically doing a more sophisticated version of random fuzzing.