CyberBotLLM
Your Google Cloud Cybersecurity Expert, powered by Gemini Generative AI
This chatbot is part of my personal effort for the OWASP educational initiative in Cybersecurity. It is based on Google technology, and uses 4 different approaches:
- Regular conversation
- Cybersecurity Expert
- Hardened Cybersecurity Expert
- Cloud Cybersecurity Expert
Features
It uses Langchain to generate a conversation flow with memory, and also a RAG (Retrieval Augmented Generation) document that can be customized according to your educational goals.
Currently, RAG contains a list of fictitious usernames and passwords. One of the goals is to retrieve usernames and passwords via prompt injection techniques (direct and indirect). You can also poison the RAG document to force a Sensitive Information Disclosure.
How to use it
In order to use/replicate this chatbot, git clone
this repository. Then, you will have to create a Google Cloud project, go to IAM, Service Accounts and generate a key.json.
This key can be used directly as an environment variable by using os.environ['GOOGLE_APPLICATIONS_CREDENTIALS']='key.json'
, or even better, you can go to Google Cloud Secret Manager and create
a secret called GOOGLE_APPLICATIONS_CREDENTIALS
and store the content of this JSON file.
Main.py file is set up to be used with the Secret Manager in VSCode (Cloud Code extension).
Then, edit your project name and number in main.py. After that, run in command line:
gcloud auth login
gcloud config set project your project
And you are good to go:
python3 main.py
- Special thanks for Harish S.G., as this chatbot is based on the DamnVulnerableLLMBot (https://github.com/harishsg993010/DamnVulnerableLLMProject).