Abstract:
At present, penetration testing is done mostly manually and relies heavily on the experience of the ethical hackers who perform it, called "pentesters". This paper presents an automated penetration testing framework that employs deep reinforcement learning to automate the penetration testing process. We plan to use this framework mainly as a component of cybersecurity training activities, providing guided learning for attack training by using the framework to suggest possible strategies. Once support for actual penetration testing tools is added, the framework could also be used in defense training, by automatically recreating attacks in the training environment. In this paper we present our approach to automated penetration testing, which has two stages. First, we use the Shodan search engine to collect relevant server data in order to build a realistic network topology, and employ multi-host, multi-stage vulnerability analysis (MulVAL) to generate an attack tree for that topology; traditional search algorithms are used to find all the possible attack paths in that tree and to build the matrix representation required by deep reinforcement learning algorithms. In the second stage, we employ the Deep Q-Learning Network (DQN) method to discover the easiest-to-exploit attack path among the possible candidates. This approach was evaluated by generating thousands of input scenarios, and DQN was able to find the optimal path with an accuracy of 0.86, while also providing valid solutions in the other cases.
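The first stage described above (search over the attack tree for every attack path, then a matrix encoding of those paths) and the target of the second stage (the easiest path), as an added example that is not from the paper: the attack graph, host names and per-hop exploit costs are constructed, and an exhaustive minimum stands in for the DQN.

```python
# Added example, not from the paper: DFS over a small constructed MulVAL-style
# attack graph to list every attack path, a fixed-size matrix encoding of the
# paths (what a DQN would consume), and the cheapest path as an exhaustive
# baseline. Hosts, edges and costs are hypothetical.
from typing import Dict, List, Tuple

# node -> [(next_node, exploit_cost)], lower = easier; "internet" is entry, "db" is goal.
GRAPH: Dict[str, List[Tuple[str, float]]] = {
    "internet": [("web", 1.0), ("vpn", 3.0)],
    "web": [("app", 2.0), ("db", 6.0)],
    "vpn": [("app", 1.0)],
    "app": [("db", 1.5)],
    "db": [],
}
NODES = list(GRAPH)  # fixed node order for the matrix columns

def hop_cost(graph, a, b):
    return next(c for n, c in graph[a] if n == b)

def all_paths(graph, start, goal, path=None):
    """Every simple path from start to goal (traditional depth-first search)."""
    path = (path or []) + [start]
    if start == goal:
        return [path]
    found = []
    for nxt, _ in graph[start]:
        if nxt not in path:  # skip cycles
            found.extend(all_paths(graph, nxt, goal, path))
    return found

def path_cost(graph, path):
    """Total exploit cost along a path."""
    return sum(hop_cost(graph, a, b) for a, b in zip(path, path[1:]))

def path_matrix(graph, paths, nodes=NODES):
    """One row per path, one column per node: cumulative cost to reach that
    node along the path, 0.0 if the path never visits it."""
    matrix = []
    for p in paths:
        row, running = [0.0] * len(nodes), 0.0
        for a, b in zip(p, p[1:]):
            running += hop_cost(graph, a, b)
            row[nodes.index(b)] = running
        matrix.append(row)
    return matrix

def easiest_path(graph, start, goal):
    """Exhaustive baseline for the minimum-cost path the DQN is meant to learn."""
    return min(all_paths(graph, start, goal), key=lambda p: path_cost(graph, p))
```

On the constructed graph this yields three candidate paths and selects internet, web, app, db (cost 4.5); the matrix rows are the per-path features a learning agent would be trained on.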
Date of Conference: 07-11 September 2020
Date Added to IEEE Xplore: 22 October 2020