AutoAudit by ddzipp

LLM for cybersecurity

created 2 years ago

342 stars

Top 81.9% on sourcepulse

Project Summary

This project provides LLMs fine-tuned for cybersecurity tasks, aiming to enhance threat detection, analysis, and response. It targets cybersecurity professionals and researchers by offering automated analysis of code, network protocols, and security knowledge, with a practical integration of ClamAV for a security scanning platform.

How It Works

The project leverages fine-tuned LLMs, including versions based on Alpaca-Lora (AutoAudit-7B) and Llama3-8B-instruct (AutoAudit-8B-Instruct), to process and analyze cybersecurity-related data. The approach focuses on generating detailed analysis, security ratings, risk assessments, and solutions, drawing from a dataset organized in the Alpaca format, combining human annotation and self-generated data from security sources.

Quick Start & Requirements

Install dependencies: pip install -r requirements.txt
Requires ClamAV installation and path configuration.
Set paths for Llama model and LoRA weights in sandbox/yahma/llama-7b-hf and sandbox/lilBuffaloEirc/autoaudit_20230703_attempt2.
Run with python manage.py runserver.
Python 3.8 is specified for the Conda environment.
Official documentation is available via the "文档/Wiki" link.

Highlighted Details

Offers AutoAudit-7B (demo, Alpaca-Lora based) and AutoAudit-8B-Instruct (Llama3-8B-instruct based) models.
Integrates with ClamAV for a security scanning platform.
Dataset generation utilizes a GPT in the GPT Store.
Future plans include synthesizing a high-quality cybersecurity corpus and integrating tools like Nmap and Metasploit.

Maintenance & Community

Active development acknowledged with thanks to Eric Ma and CUHKSZ He Lab.
Community interaction encouraged via "提问/Issues" and "讨论/Discussions" links.

Licensing & Compatibility

License details are not explicitly stated in the provided README text.

Limitations & Caveats

AutoAudit-7B lacks contextual understanding and requires larger parameter models.
The AutoAudit-Qwen model is in the exploration and planning stage due to limited Chinese cybersecurity corpus availability.

Health Check

Last commit

5 months ago

Responsiveness

1+ week

Pull Requests (30d)

0

Issues (30d)

0

Star History

16 stars in the last 90 days

Explore Similar Projects

Open-Prompt-Injection by liu00222

Benchmark for prompt injection attacks and defenses in LLM apps

created 1 year ago

updated 2 weeks ago

awesome-llm-cybersecurity-tools by tenable

Cybersecurity research tools using large language models

created 2 years ago

updated 1 year ago

HackBot by morpheuslord

Cybersecurity chatbot for answering queries, code analysis, and scan analysis

created 2 years ago

updated 8 months ago

GPT_Vuln-analyzer by morpheuslord

AI-powered CLI/GUI tool for vulnerability analysis and reporting

created 2 years ago

updated 8 months ago

finite-monkey-engine by BradMoonUESTC

AI engine for smart contract audit

created 1 year ago

updated 5 days ago

FuzzyAI by cyberark

LLM fuzzer for automated jailbreak detection

created 8 months ago

updated 2 weeks ago

awesome-gpt-security by cckuailong

Curated security resources for LLMs and GPT

created 2 years ago

updated 2 months ago

ReconScan by RoliSoft

CLI tool for network reconnaissance and vulnerability assessment

created 8 years ago

updated 3 years ago

DeepSeekSelfTool by ChinaRan0

AI cybersecurity toolkit by DeepSeek for network security tasks

created 6 months ago

updated 5 months ago

pytm by OWASP

Python framework for threat modeling, shifting left for developers

created 7 years ago

updated 2 months ago

Starred by

Dan Guido

Dan Guido(Cofounder of Trail of Bits).

vulnhuntr by protectai

LLM-powered tool for zero-day vulnerability discovery via static code analysis

created 9 months ago

updated 5 months ago

hackGPT by NoDataFound

ChatGPT tool for offensive security tasks

created 2 years ago

updated 1 week ago

Feedback? Help us improve.