generated from stratosphereips/awesome-code-template
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing 1 changed file with 46 additions and 5 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,56 @@ | ||
# Awesome Code Template | ||
# VelLMes-AI-Honeypot | ||
|
||
This repository is a template with basic elements that every repository at Stratosphere should follow. | ||
The `VelLMes` read as (Vel-L-M-es, from Slavic deity Veles and LLMs) creates interactive, dynamic, and realistic honeypots through the use of Large Language Models (LLMs). The `VelLMes` tool was created from a research project to show the effectiveness of dynamic fake file systems and command responses to keep attackers trapped longer, thus increasing the intelligence collected. | ||
|
||
The `VelLMes` can simulate services such as SSH Linux shell (`shelLM`), MySQL, POP3, and HTTP. | ||
|
||
This repository also includes the `Attacker LLM` that can interact with Linux shells, search for vulnerabilities, and report on its findings. | ||
|
||
## Features | ||
|
||
Write about what makes your [tool|code|data|repo] special. | ||
`VelLMes` was developed in Python and currently uses Open AI GPT models. Among its key features are: | ||
|
||
1. The content from a previous session can be carried over to a new session to ensure consistency. | ||
2. It uses a combination of techniques for prompt engineering, including chain-of-thought. | ||
3. Uses prompts with precise instructions to address common LLM problems. | ||
4. More creative file and directory names for Linux shells | ||
5. In the Linux shell the users can "move" through folders | ||
6. Response is correct also for non-commands for all services | ||
7. It can simulate databases and their relations in the MySQL honeypot. | ||
8. It can create emails with all the necessary header info in the POP3 honeypots. | ||
9. It can respond to HTTP GET requests | ||
|
||
## Installation | ||
|
||
The installation steps are as follows: | ||
|
||
```bash | ||
~$ # Install requirements | ||
~$ pip install -r requirements.txt | ||
~$ | ||
~$ # Create env file | ||
~$ cp env_TEMPLATE .env | ||
~$ # Edit env file to add OPEN AI API KEY | ||
~$ vim .env | ||
``` | ||
|
||
## Usage | ||
|
||
Write about how others can use your [tool|code|data|repo]. | ||
The `VelLMes` can be run with the following command: | ||
``` | ||
~$ python3 VelLMes.py -e [location of .env file] -c [location of the configuration file] | ||
``` | ||
|
||
The configuration file should be in a .yml format and should contain the personality prompt and parameters such as max_number_of_tokens, temperature, locations of output and log files, and LLM to be used. | ||
Configuration files for LLM are provided in this repository. | ||
|
||
The parameters can be adjusted manually by passing them as arguments when the program is run. Flags are: -t (temperature), -m (LLM), -mt (max_tokens), -o (output_file), -l (log_file). | ||
|
||
Another example of how the `VelLMes` can be run: | ||
``` | ||
~$ python3 VelLMes.py -e .env -c configSSH.yml -m "gpt-4" -mt 800 -t 0.2 -o "conversation.txt" -l "logs.txt" | ||
``` | ||
|
||
# About | ||
|
||
This [tool|code|data|repo] was developed at the Stratosphere Laboratory at the Czech Technical University in Prague. | ||
This tool was developed at the Stratosphere Laboratory at the Czech Technical University in Prague. |
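
Review bot: In the Installation block, `cp env_TEMPLATE .env` followed by `vim .env` leaves the OpenAI API key in a plaintext file in the working tree, and the README never tells the user to keep that file out of version control or to restrict who can read it. Suggest adding a line after the `vim .env` step stating that `.env` must not be committed and should be readable only by the account that runs the honeypot (for example `chmod 600 .env`); whether `.env` is already listed in `.gitignore` is not visible in this diff and is worth confirming before merge. In Usage, the `-o` and `-l` flags are listed without saying what the output and log files contain or where they are written by default; since they come from a honeypot, a sentence noting that they hold attacker-supplied input and should be handled as untrusted data would help operators. The page also flags this file as containing bidirectional Unicode text, so open it in an editor that reveals hidden characters and confirm nothing unintended sits in the command lines. Smaller points: the two Usage fences lack the `bash` tag that the Installation fence uses, the `~$ ` prompts inside the fences break copy-paste, and "Open AI" should read "OpenAI".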