ai for Pwndbg: Your trusty AI debugging sidekick, developed by Olivia Lucca Fraser at Tenable as a Pwndbg command.
ai for GEF: Same as above, but implemented as a GEF command. Developed by Olivia Lucca Fraser at Tenable.
Gepetto: An IDA Pro plugin that queries GPT models for explanatory comments and meaningful variable names (like G-3PO for IDA Pro). Developed by Ivan Kwiatkowski.
GPT-WPRE: Whole-program Reverse Engineering with GPT-3. This is a little toy prototype of a tool that attempts to summarize a whole binary using GPT-3 (specifically the text-davinci-003 model), based on decompiled code provided by Ghidra. Developed by Brendan Dolan-Gavitt.
IATelligence: IATelligence is a Python script that extracts the Import Address Table (IAT) from a PE file and uses OpenAI's GPT-3 model to provide details about each Windows API imported by the file. The script also searches for related MITRE ATT&CK techniques and explains how the API could potentially be used by attackers. Developed by Thomas Roccia.
Network Analysis
BurpGPT: A BurpSuite plugin, developed by Tenable, that uses GPT to analyse HTTP requests and responses. Developed by Yossi Nisani at Tenable.
Cloud Security
EscalateGPT: Uses GPT to discover privilege escalation vulnerabilities in misconfigured Identity Access and Management (IAM) policies for AWS. Developed by Yossi Nisani at Tenable.
Proofs of Concept
Hacking LLMs
Indirect Prompt Injections: Proof of concept code for indirect prompt injection attacks, by Kai Greshake.
LLM-Driven Malware
LLMorphism: A self-replicating agent that uses GPT-3.5 as a metamorphic engine, by Second Part to Hell.
Darwin-GPT: A minimal self-replicating agent based on GPT-3.5/4, by Bernhard Mueller.