From 0e8e5bddb66471d7fde4f98671587675bdf3c406 Mon Sep 17 00:00:00 2001
From: Andreas Happe
Date: Mon, 29 Apr 2024 14:10:29 +0200
Subject: [PATCH] Update README.md

---
 README.md | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index f2e3121..5ce25a9 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1,7 @@
-# HackingBuddyGPT
+# HackingBuddyGPT [![Discord](https://dcbadge.vercel.app/api/server/vr4PhSM8yN?style=flat&compact=true)](https://discord.gg/vr4PhSM8yN)
 
-*Helping Ethical Hackers use LLMs in 50 Lines of Code or less..*
-
-[![Discord](https://dcbadge.vercel.app/api/server/vr4PhSM8yN?style=flat&compact=true)](https://discord.gg/vr4PhSM8yN)
-## Introduction
+*Helping Ethical Hackers use LLMs in 50 Lines of Code or less..*
 
 How can LLMs aid or even emulate hackers? Threat actors are [already using LLMs](https://arxiv.org/abs/2307.00691),
 creating the danger that defenders will not be prepared for this new threat.
@@ -14,7 +11,7 @@ To create common ground truth, we strive to create common security testbeds and
 benchmarks, evaluate multiple LLMs and techniques against those, and publish our
 prototypes and findings as open-source/open-access reports. All source code can be found on [github](https://github.com/ipa-lab/hackingbuddyGPT).
 
-hackingBuddyGPT is described in [Getting pwn'd by AI: Penetration Testing with Large Language Models ](https://arxiv.org/abs/2308.00121):
+hackingBuddyGPT is described in [Getting pwn'd by AI: Penetration Testing with Large Language Models ](https://arxiv.org/abs/2308.00121); please help us by citing it:
 
 ~~~ bibtex
 @inproceedings{Happe_2023, series={ESEC/FSE ’23},
@@ -32,7 +29,7 @@ hackingBuddyGPT is described in [Getting pwn'd by AI: Penetration Testing with L
 ## Existing Agents/Usecases
 
 We strive to make our code-base as accessible as possible to allow for easy experimentation.
-Our experiments are structured into `use-cases`, e.g., privilege escalation attacks, allowing Ethical Hackers to quickly write new use-cases (agens).
+Our experiments are structured into `use-cases`, e.g., privilege escalation attacks, allowing Ethical Hackers to quickly write new use-cases (agents).
 
 Our initial forays were focused upon evaluating the efficiency of LLMs for
 [linux privilege escalation attacks](https://arxiv.org/abs/2310.11409) and we are currently breaching out into evaluation
@@ -47,11 +44,8 @@ the use of LLMs for web penetration-testing and web api testing.
 
 ## Build your own Agent/Usecase
 
-A researcher
-wanting to create a new experiment would just create a new use-case that mostly consists
-of the control loop and corresponding prompt templates. We provide multiple helper and base
-classes, so that a new experiment can be implemented in a few dozens lines of code as
-connecting to the LLM, logging, etc. is taken care of by our framework. For further information (esp. if you want to contribute use-cases), please take a look at [docs/use_case.md](docs/use_case.md).
+So you want to create your own LLM hacking agent? Create a new [use case](docs/use_case.md) that implements `perform_round` and add a markdown template with the prompt. We provide multiple helper and base classes, so that a new experiment can be implemented in a few dozen lines of code. Tedious tasks, such as
+connecting to the LLM, logging, etc., are taken care of by our framework.
 
 The following would create a new (minimal) linux privilege-escalation agent.
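The agent code itself does not appear in this excerpt of the patch. As a rough, self-contained sketch of the shape such a use case takes (all class, function, and template names below are illustrative assumptions rather than hackingBuddyGPT's actual API; see [docs/use_case.md](docs/use_case.md) for the real interface), a minimal round-based privilege-escalation agent might look like this:

~~~ python
# Illustrative sketch only: the callables below stand in for hackingBuddyGPT's
# helper/base classes (LLM connection, SSH execution, logging); all names are
# assumptions for illustration, not the project's actual API.
from dataclasses import dataclass, field
from string import Template
from typing import Callable, List

# Hypothetical prompt; the real project keeps prompts in separate template files.
NEXT_CMD = Template(
    "You are the low-privilege user $user on a Linux machine.\n"
    "Commands tried so far and their output:\n$history\n"
    "Reply with exactly one shell command to try next to become root."
)

@dataclass
class MinimalLinuxPrivesc:
    """Round-based agent: ask the LLM for a command, run it, check for root."""
    ask_llm: Callable[[str], str]          # stand-in for the framework's LLM connection
    run_on_target: Callable[[str], str]    # stand-in for SSH command execution
    user: str = "lowpriv"
    max_turns: int = 20                    # round limit
    history: List[str] = field(default_factory=list)

    def perform_round(self, turn: int) -> bool:
        prompt = NEXT_CMD.substitute(
            user=self.user,
            history="\n".join(self.history) or "(none yet)",
        )
        cmd = self.ask_llm(prompt).strip()   # ask the LLM for the next command
        output = self.run_on_target(cmd)     # execute it on the target machine
        self.history.append(f"$ {cmd}\n{output}")
        return "uid=0(root)" in output       # success once we have become root

    def run(self) -> bool:
        # perform rounds until root is achieved or the round limit is reached
        return any(self.perform_round(t) for t in range(1, self.max_turns + 1))
~~~

In the real framework, the provided base classes and configuration take the place of the `ask_llm` and `run_on_target` stand-ins and also add the logging and connection handling described next.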
By building on our infrastructure, this agent already supports configurable LLM connections (e.g., for testing OpenAI or locally run LLMs), logs trace data to a local sqlite database for each run, enforces a round limit (after which the agent stops if root has not been achieved), and connects to a Linux target over SSH for fully autonomous command execution (as well as password guessing).
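To make the SSH execution part concrete, here is a minimal, self-contained sketch using paramiko (the library choice, host, and credentials are assumptions for illustration; in practice the framework's own connection classes and configuration take care of this):

~~~ python
# Minimal SSH command execution against a Linux target, sketched with paramiko.
# This only illustrates the underlying idea; hackingBuddyGPT's own connection
# helpers should be used instead of rolling your own.
import paramiko

def run_over_ssh(host: str, username: str, password: str, command: str) -> str:
    client = paramiko.SSHClient()
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    client.connect(host, username=username, password=password)
    try:
        _stdin, stdout, stderr = client.exec_command(command)
        return stdout.read().decode() + stderr.read().decode()
    finally:
        client.close()

# Hypothetical usage: check which sudo rights the low-privilege user has.
# print(run_over_ssh("192.168.56.101", "lowpriv", "trustno1", "sudo -l"))
~~~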