Skip to content

jthack/hero

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 

Repository files navigation

Hero

This project is a proof of concept for a Hackbot, an AI-driven system that autonomously finds vulnerabilities in web applications. It takes a raw HTTP request as input and attempts to identify and exploit potential security vulnerabilities. It's probably not the best way to build a hackbot, but you can view it as inspiration.

WARNING: THIS POC IS LIKELY NOT SAFE TO USE IF YOURE HACKING ANYTHING WITH PROMPT INJECTION PAYLOADS POTENTIALLY IN THE REQUESTS AS IT CALLS EXEC() MEANING PROMPT INJECTION COULD LEAD TO RCE ON YOUR MACHINE.

Getting Started

Prerequisites

  • Python 3.8 or later
  • openai Python package
  • requests Python package

Installation

  1. Clone the repository:
    git clone https://github.com/jthack/hero.git
  2. Navigate to the project directory:
    cd hero
  3. Install the required dependencies:
    pip install -r requirements.txt

Usage

To use the Hackbot POC, you need to provide a raw HTTP request as input. The system will then generate ideas for potential vulnerabilities, modify the requests to test these ideas, and validate the results.

  1. Prepare a file containing a raw HTTP request (e.g., request.txt).
  2. Run the Hackbot script, passing the request file as input:
    cat request.txt | python hackbot.py

The output will include details of the ideas generated, the modified requests, and the validation results.

About

a hackbot proof-of-concept

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages